The Administrator or Field Service user may add users from EMA or CLI. Privileges are set by associating the username with one of the predefined user groups as shown in the table below.
Sonus recommends creating individual user IDs for each person requiring access to the SBC, even if multiple users share the same roles/permissions. The intent is to avoid a situation where all "Administrator" level users login as the literal "admin" user.
Sonus further recommends creating a "recovery" or "maintenance" type of user which is only needed in case it becomes necessary to login to the CLI to terminate one or more hung sessions.
Read-only access to all commands and data spaces except commands that deal with user accounts, logging and audit controls, the TOD clock and sensitive administrative items. They do not have access to the Field Service shell, Security Event logs, and management audit logs.
Read-write access to all commands and data spaces except commands that deal with user accounts, logging and audit controls, the TOD clock, and sensitive administrative items. They do not have access to the Field Service shell, Security Event logs, and management audit logs and cannot execute any commands stopping or starting these audit log services.
Read-write access to Lawful Intercept tables, and Read access to other tables. Only Admin user can add or remove user from this group. Only one user named “calea” is allowed in this group, and “calea” user cannot be part of any other group.
Read-write access to all commands and data spaces excluding some administrative functions only available to admin users.
Read-Write access to all commands and data spaces.
|Security Auditor||Read-only access to view the security logs and management audit logs. The commands executed by the Security Auditor are logged in the Management Audit log.|
The CLI syntax to create a new username is shown below. Once the command is committed, the system automatically generates and displays a password to the username creator.
Creating a user ID named "sonusadmin" via CLI is not allowed. If "sonusadmin" exists when upgrading to this release, it will automatically be removed.
When the new user logs in for the first time, the user may change the password using the change-password system-level command (see Changing Password).
The following commands are executable only by the Administrator and Security Auditor users:
The following commands are executable only by the Administrator:
The command for creating a user of type SecurityAuditor is given below:
For an explanation of CLI commands, see the CLI Command Reference.
To add or view user details from EMA GUI, select Administration > Users and Application Management tab, and then choose User and Session Management perspective from the navigation panel. See Users and Application Management - User and Session Management page for details.