Cisco Bug: CSCtc57788 - Allow read-only role to be disabled for users
Feb 01, 2017
- Cisco Unified Computing System
Known Affected Releases
Symptom: UCSM does not allow the read-only role to be disabled for any user: ucs-6120-1-A /security/local-user # sh conf enter local-user test enter role admin enter role read-only set email "" set firstname "" set lastname "" ! set password set phone "" set sshkey none set sshkey ENDOFBUF exit ucs-6120-1-A /security/local-user # ucs-6120-1-A /security/local-user # delete role read-only ucs-6120-1-A /security/local-user* # commit-buffer Error: Update failed: [role read-only can not be deleted from user test] The read-only role allow user to have read access to all configuration, which might not be desirable. For example, in a setup with different network admin and server admin responsibilities, usually the network admin will have no access to the server configuration, and vice-versa; since the read-only role cannot be disabled, the UCSM cannot cleanly support setup with split network and server admin responsibilities. Conditions: Enhancement request.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases