config role

Updated February 14, 2022. Written for LMS Version 6.2.

Opens an editor to define a set of privileges to apply to users and groups. Roles specify permitted commands.

The industry standard admin, security, analyst, operator, and guest roles are predefined but can be customized with this command, or you can create new roles.

Command availability

CLI resource: system

Lantronix system: All

LMS offerings: All

Syntax

config role [no] <"role name">

Include the no modifier to delete the role.

Subcommands

Use the no modifier to remove settings. For example, use no expire to define the role to be valid indefinitely, if it previously had an expire date.

[no] allow <command | ?> - Specify commands that accounts with this role may execute. You may use as a wildcard character. The command allow ? displays a list of allowed commands for this role.

[no] deny <command | ?> - Specify commands that accounts with this role may not execute. You may use as a wildcard character. The command deny ? displays a list of commands denied to this role. Specifically denied commands are filtered from those specifically allowed. The all keyword is overridden by any specific allow or deny statement. For example, if you issue the deny show command after allowing the show user command, the role allows show user but no other show commands.

[no] description <"text"> - Provide information about the role. This is a free text field of 255 characters.

[no] expire - month and day of the current year after which the role is no longer valid.

[no] start - month and day of the current year that the role becomes valid

Usage

Use the ? command after the allow and deny keywords to display a list of privileges.

A user or group may be given more than one role. The current privileges are evaluated for each execution, and may change authority during a user's session.

The example below shows a role that starts on January 01 and expires on December 31 of the current year.

[admin@uplogixLM]# config role EastNOC
[config role EastNOC] description East Coast NOC
[config role EastNOC] start 0101
[config role EastNOC] expire 1231
[config role EastNOC] allow show*
[config role EastNOC] deny show user, session 
[config role EastNOC] allow config password, ppp-*
[config role EastNOC] allow export

In the Lantronix web interface

Administration > Roles - universally available

Inventory > group page > Security > Roles - specific to this inventory group

Inventory > Local Manager page > Security > Roles - specific to this system

History

1.1 - This command was introduced.

show role

Knowledge Base

General

Uplogix Documentation Library Welcome

Best Practices

Automated Dial Tester

RMA Procedure - Advance Hardware Replacement

Setup Guides

AWS Pulse Server Setup Guide

USB Console Adapter Setup Guide

Default Rules

modemBasic

Custom Rules

Ping-triggered Service Switching

Ubiquiti Service Switching

Cisco ASA Failover State Detection

Codan BUC Native Ruleset

FBB AT off

SLV HTTP Test Connection Failed

Comtech Native

iDirect Native

iDirect Falcon config rule

Power Off Outlet on Startup

Unix Linux Kernel Panic

Cellular Registration Check

Managed Devices

Send Function Keys

Increasing Port Disk Space

Security

Post-Authentication TACACS Failure

Limited SSH Cipher Support

Device Pin-outs

F5 BigIP Load Balancer Pin-out

IBM AIX Server Pin-out

Iridium 9522B to DB-9 Pin-out

Memotec Pin-out

u500 to u5000 DB-9 Adapter

Network

How much bandwidth does the Local Manager use?

Out-of-Band

Updating AT&T LTE Modem for 3G Deprecation

Alarms

Heartbeat timed out. (Connection timed out)

System and management server clocks are more than 20 seconds out of sync

Network Interface Down

Failed to connect to pulse server

Archive failed

USB serial device disconnected from envoy

Authentication failure

Typographical Notations

Command Reference

config authentication

config date

config device logging

config protocols forward

config protocols pass-through

config protocols shadow

config service-processor

config settings

config slv

config system archive

config system authentication

config system banner

config system clear alarms

config system clear archive

config system clear export

config system clear port

config system clear slot

config system management

config system ntp

config system page-length

config system properties

config system protocols dhcp

config system protocols filter

config system protocols ssh

config system protocols telnet

config system pulse

config system reverse-ssh

config system secondary

config system slot

config system snmp

config system subinterface

config system syslog-options

config system timeout

recover configuration

restart

restore

rollback assimilate

rollback authentication

rollback config

service-processor exec

show service-processor

show system authentication

show system management

show system ntp

show system page-length

show system properties

show system protocols

show system pulse

show system reverse-ssh

show system slot

show system snmp

show system subinterface

show system syslog-options

Not finding what you're looking for?

The LEVEL Technical Services team is standing by 24/7/365 to answer any questions you may have about the installation, configuration, and usage of our products.

config role

Command availability

Syntax

Subcommands

Usage

In the Lantronix web interface

History

Related commands

Not finding what you're looking for?