Lock Local Authorization Method
Contents
1 Description
This instruction describes how to lock the local authorization method.
The administrator can lock the local authorization to give full access to all resources to all users authenticated by the Lightweight Directory Access Protocol (LDAP). In this case, all Managed Object (MO) operations, MO actions, and Ericsson Command-Line Interface (ECLI) commands are allowed.
Locking is done in maintenance situations.
2 Procedure
2.1 Lock Local Authorization Method
Prerequisites
- No documents are required.
- No tools are required.
- The following conditions must apply:
- The user has the System Security Administrator role.
- The administrative state is UNLOCKED.
- An ECLI session in Exec mode is in progress.
Steps
- Navigate to the LocalAuthorizationMethod MO, for example:
>dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LocalAuthorizationMethod=1
- Enter Config mode:
(LocalAuthorizationMethod=1)>configure
- Lock the local authorization method:
(config-LocalAuthorizationMethod=1)>administrativeState=LOCKED
- Commit the setting:
(config-LocalAuthorizationMethod=1)>commit
- Verify the result:
(LocalAuthorizationMethod=1)>show
The following is an example output:
LocalAuthorizationMethod=1 administrativeState=LOCKED [...]
- Note:
- All users authenticated by LDAP now have full access to the complete MOM including all security MOs.