The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter contains the following sections:
AAA enables the security appliance to determine who the user is (authentication), what the user can do (authorization), and what the user did (accounting). Cisco XNC uses Remote Authentication Dial-In User Service (RADIUS) or Terminal Access Controller Access-Control System Plus (TACACS+) to communicate with a AAA server.
Remote authentication and authorization is supported using the AAA server. For each user to be authenticated, Cisco XNC uses both the login credentials and an attribute-value (AV) pair that assigns the authorized role for the user is configured as part of the user administration. After successful authentication, the Cisco AV pair is returned to Cisco XNC for resource access authorization.
If you chose RADIUS as the protocol for the AAA server, you need to configure user authentication for RADIUS.
User authorization on a RADIUS server must conform to the Cisco Attribute-Value (av-pair) format.
shell:roles="Network-Admin Slice-Admin" |
Cisco XNC uses users and roles to manage user access. You can assign more than one role to a user. This can be one of the following:
Each user is assigned a role, which determines the permissions that they have. Slice users are assigned to both a role and a slice. The Admin user with the Network Administrator role is created by default when you install Cisco XNC.
After creating a user, you can change the password, but you cannot change the roles assigned to the user.
Step 1 | On the Admin drop-down list, choose Users. | ||||||||||||||||
Step 2 | In the User Management dialog box, click Add User. | ||||||||||||||||
Step 3 | In the
Add
User dialog box, complete the following fields:
| ||||||||||||||||
Step 4 | Click Add User. | ||||||||||||||||
Step 5 | In the User Management dialog box, click Close. |
Step 1 | On the Admin drop-down list, choose Users. |
Step 2 | In the User Management dialog box, click on the user that you want to modify. |
Step 3 | In the Edit User dialog box, click Change Password. |
Step 4 | In the Change Password dialog box, enter the new password and then enter it a second time to verify. |
Step 5 | Click Submit. |
Step 6 | In the User Management dialog box, click Close. |
If you are signed in as a particular user, you cannot delete that user.
Note | The cluster management dialog boxes are read-only. |
You must have configured high availability clustering in order to view the cluster management information. See the Cisco Extensible Network Controller Deployment Guide.
Step 1 | On the
Admin drop-down list, choose
Clusters.
The Cluster Management dialog box lists the IP addresses of all of the Cisco XNC instances in the cluster. Clusters can be denoted by one of the following icons: |
Step 2 | In the
Cluster
Management dialog box, choose a cluster.
The Connected Nodes dialog box lists all of the nodes in the selected cluster. |
Step 3 | In the Connected Nodes dialog box, click Close. |
Step 4 | In the Cluster Management dialog box, click Close. |
You can view all of Cisco XNC bundles that comprise the application by viewing the OSGi Web Console.
Note | This procedure does not provide a step-by-step guide to everything you can do in the OSGi Web Console for Cisco XNC Bundles. It a brief procedure that guides you in opening the OSGi Web Console and viewing Cisco XNC bundle information. |
Step 1 | On the Cisco XNC menu bar, click Admin and select OSGi. A new browser tab opens. |
Step 2 | Enter your User Name and Password, then press Enter. The Cisco XNC Bundles list is displayed. In this page you can view all of the active packages, filter on the package name to specify bundle names, and complete other tasks. |
Step 3 | When you are finished viewing the Cisco XNC Bundles, close the browser tab. |