Configuring Profiles

Profiles are used to deny or permit access to a hierarchical branch or specific commands. Profiles are referenced in a user configuration. A maximum of 16 user profiles can be defined. A user can participate in up to 16 profiles. Depending on the authorization requirements, passwords are configured locally or on the RADIUS server.

Use the following CLI commands to configure user profiles:

CLI Syntax:

config>system>security
    profile user-profile-name 
    default-action {deny-all | permit-all | none}
    renum old-entry-number new-entry-number
    entry entry-id
        description description-string
        match command-string
        action {permit | deny}

The following displays an example of the user profile command usage.

Example:

config>system>security# profile ghost
config>system>security>profile$ default-action permit-all
config>system>security>profile# entry 1
config>system>security>profile>entry$ action permit
config>system>security>profile>entry# match "configure"	
config>system>security>profile>entry# exit
config>system>security>profile# entry 2
config>system>security>profile>entry$ match "show"
config>system>security>profile>entry# exit
config>system>security>profile# entry 3
config>system>security>profile>entry$ match "exit"

The following example displays the user profile output:

ALU-1>config>system>security# info
----------------------------------------------
...
            profile "ghost"
                default-action permit-all
                entry 1
                    match "configure"
                    action permit
                exit
                entry 2
                    match "show"
                exit
                entry 3
                    match "exit"
                exit