Managing rights for different administrators / Rights for the administrators
Parent topic: Rights for the administrators

Function rights

The following table is an overview of all function rights that are configurable for administrator accounts. The availability of individual function rights may vary, depending on the features of the device. If you wish to set the function rights at the CLI or with a script, you can optionally use the hexadecimal notation of the respective right instead of the plain text name. Learn more about this in section Hexadecimal combination of privileges on the CLI.

Table 1. Overview of function rights
Description: [1]LANconfig, [2]Setup menu Hex notation on the CLI Rights description
  1. AP Assignment Wizard
  2. WTP Assignment Wizard
 0x00000400 Wizard for assigning WLAN profiles
  1. Content Filter Wizard
  2. CF Profile Wizard
 0x00040000 Wizard for setting up the content filter
  1. Dynamic DNS Wizard
  2. Dynamic DNS Wizard
 0x00004000 Wizard for configuring dynamic DNS
  1. Setting date and time
  2. Time setting
 0x00000040 Setting the date and time (also applies for Telnet and TFTP)
  1. Basic Wizard
  2. Basic Settings Wizard
 0x00000001 Wizard for the Basic Settings
  1. Internet Connection Wizard
  2. Internet Connection Wizard
 0x00000004 Wizard for setting up the Internet connection
  1. LAN-LAN Wizard
  2. LANLAN Wizard
 0x00000020 Wizard for connecting two local area networks (VPN)
  1. Public Spot Wizard (create account)
  2. Public Spot Wizard
 0x00000800 Wizard for creating Public Spot user accounts*
  1. Public Spot Wizard (manage user)
  2. Public Spot user management Wizard
 0x00100000 Wizard for managing Public Spot user accounts*
  2. Public Spot Configuration Wizard
 0x00200000 Wizard for setting up a Public Spot
  1. Public-Spot-XML-Interface
  2. Public Spot XML interface
 0x00080000 Access to the XML interface of the Public Spot module
Note: A "normal" Public Spot administrator does not require this right. This right is intended for the implementation of complex authentication scenarios, such as when an external gateway (e.g. a machine or a program such as a Web server, script, etc.) needs to communicate with the module.
  1. RAS Wizard
  2. RAS Wizard
 0x00000010 Wizard for setting up dial-in access (RAS, VPN)
  1. Rollout Wizard
  2. Rollout Wizard
 0x00002000 Wizard for rollout scenarios*
  1. Security Wizard
  2. Security Wizard
 0x00000002 Wizard for adjusting the security settings
  1. SMS-Transmit
  2. SMS transmission
 0x400000 Sends SMS text messages via the 3G/4G WWAN module in the device.
  1. SSH client
  2. SSH command
 0x00020000 Establishes an SSH/Telnet connection from your device to other LCOS devices or SSH/Telnet servers
  1. Search for other devices in the LAN
  2. Device search
 0x00000080 Search for other devices in local and remote networks*
  1. VoIP Provider Wizard
  2. Prepare VoIP provider access
 0x800000 Wizard for setting up access to your VoIP provider
  1. VoIP CallManager Wizard
  2. VoIP CallManager Wizard
 0x8000 Assistant for setting up your VoIP CallManager
  1. WLAN Wizard
  2. WLAN Wizard
 0x00001000 Wizard for configuring the WLAN interface
  1. WLAN link test
  2. WLAN link test
 0x00000100 Runs the WLAN link tests* (also applies to Telnet)
  1. WLC-Profile-Wizard
  2. WLC-Profile-Wizard
 0x00010000 Wizard for setting up a WLC profile
  1. CA-Web-Interface Wizard
  2. CA-Web-Interface
 0x1000000 Creates profiles for the CA web interface

*) The permissions for and/or the execution of these Wizards or features relates exclusively to WEBconfig—unless otherwise stated. The Wizard or feature is either only available there (e.g. setting up and managing Public Spot users) or can only be constrained there (e.g. searching for devices).

Hexadecimal combination of privileges on the CLI

It can be a highly laborious process to configure multiple privileges by using plain text names in scripts. An alternative is to use the hex values instead of the names, to combine these values into a total, and to incorporate them into your script command.

The sum of several hex values results from the hexadecimal addition of the 1st, 2nd, 3rd ... nth position from the right. If, for example, the user should be able to execute features such as the Security Wizard, Provider Selection, RAS Wizard, Time Setting and the WLAN link test,, the sum of the individual hex values is calculated as follows:

For this example, the privileges have the value 0x0000015a. Put differently, this is an OR operator with the following hexadecimal values:

Name on the CLI Value
Security Wizard 0x00000002
Provider-Selection 0x00000008
RAS Wizard 0x00000010
Time setting 0x00000040
WLAN link test 0x00000100
   
OR operated 0x0000015a
Note: As an alternative to the notation 0x0000015a you can use the abbreviations 0000015a, 0x15a and 15a.

Configuration example on the CLI

The following command (in the abbreviated form) sets up a new user in the Admins table (in the Setup menu under Config > Admins) who, as local administrator NetAdmin with the password BW46zG29, is able to select the Internet provider. The user will be activated immediately:

set NetAdmin BW46zG29 yes Admin-RW 8
Important: Only the root administrator is allowed to execute this command because other administrators do not have access to the admin table.

The following command extends the privileges so that the user NetAdmin is able to execute the WLAN link test. The asterisks in the command stand for the values that remain unchanged:

set NetAdmin * * * 108
Important: Only the root administrator is allowed to execute this command because other administrators do not have access to the admin table.
Parent topic: Rights for the administrators

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo