User Interfaces, User Types, and How To Transition Between Them
These topics describe the GUI and CLI interfaces used by Cisco EPN Manager, and how to transition between the Cisco EPN Manager and Linux CLI interfaces.
User Interfaces and User Types
The following table describes the user interfaces employed by Cisco EPN Manager (CEPNM), and the types of users that can access each interface.
CEPNM User Interface |
Interface Description |
CEPNM User Types |
||
---|---|---|---|---|
CEPNM web GUI |
Web interface that facilitates day-to-day and administration operations using the web GUI. These users can have varying degrees of privileges and are classified into role-based access control (RBAC) classes and subclasses. This interface provides a subset of operations that are provided by the Cisco EPN Manager CLI admin and CLI config users. |
Cisco EPN Manager web GUI everyday users—Created by web GUI root user . These users have varying degrees of privileges and are classified into role-based access control (RBAC) classes and subclasses called user groups (Admin, Super Users, Config Managers, and so forth). For information on the user groups, see Types of User Groups. Cisco EPN Manager web GUI root user—Created at installation and intended for first-time login to the web GUI, and for creating other user accounts. This account should be disabled after creating at least one web GUI user that has Admin privileges—that is, a web GUI user that belongs to the Admin or Super Users user group. See Disable and Enable the Web GUI root User.
|
||
North Bound Interface (NBI) REST API |
NBI is REST Application Programming Interface that allows a client system to talk to CEPNM to carry out day-to-day and administration operations. Special privileged service account users are assigned to a client system to allow talking to CEPNM using this interface. These NBI users can also have varying degrees of privileges and are also classified into role-based access control (RBAC) classes and subclasses. |
Cisco EPN Manager NBI users—Created by web GUI root user . These users have three different types of privileges and are classified into role-based access control (RBAC) classes and subclasses called NBI user groups (NBI Read, NBI Write, NBI Credential). For information on the user groups, see section User Groups—NBI |
||
CEPNM Admin CLI |
Cisco proprietary shell which provides secure and restricted access to the system (as compared with the Linux shell). This Admin shell and CLI provide commands for advanced Cisco EPN Manager administration tasks. These commands are explained throughout this guide. To use this CLI, you must have Cisco EPN Manager CLI admin user access. You can access this shell from a remote computer using SSH. |
Cisco EPN Manager CLI Admin user—Created at installation time and used for administration operations such as stopping and restarting the application and creating remote backup repositories. (A subset of these administration operations are available from the web GUI). To display a list of operations this user can perform, enter ? at the prompt. Some tasks must be performed in config mode. To transition to config mode, use the procedure in Transition Between the Cisco EPN Manager admin CLI and Cisco EPN Manager config CLI.
These users may have admin-like privilege/roles or lower level privileges as defined during creation time. To create a Cisco EPN Manager CLI user with admin privileges, run the username command with the admin keyword; otherwise, use the user keyword. |
||
CEPNM Config CLI |
Cisco proprietary shell which is restricted and more secure than the Linux shell. This Config shell and CLI provide commands for Cisco EPN Manager system configuration tasks. These commands are explained throughout this guide. To use this CLI, you must have admin-level user access (see the information in the User Types column of this table). You can access this shell from the Admin CLI shell. |
|||
Linux CLI |
Linux shell which provides all Linux commands. The Linux shell should only be used by Cisco technical support representatives. Regular system administrators should not use the Linux shell. You cannot reach this shell from a remote computer using SSH; you can only reach it through the Cisco EPN Manager admin shell and CLI. |
Linux CLI admin user—Created at installation time and used for Linux-level administration purposes. This admin user can get root-level privileges by following the procedure in Log In and Out as the Linux CLI root User. Tasks that require root-level permissions should only be performed by Cisco Support teams to debug product-related operational issues. For security purposes, the Linux CLI admin and root users should be disabled; see Disable and Enable the Linux CLI Users in Cisco EPN Manager. |
How to Transition Between the CLI User Interfaces in Cisco EPN Manager
The following figure illustrates how to transition between the Cisco EPN Manager and Linux CLI user interfaces on deployments running Cisco EPN Manager.
Transition Between the Cisco EPN Manager admin CLI and Cisco EPN Manager config CLI
To move from the Cisco EPN Manager admin CLI to the Cisco EPN Manager config CLI, enter config at the admin prompt.
(admin)# config
(config)#
To move from the config CLI back to the admin CLI, enter exit or end at the config prompt:
(config)# exit
(admin)#
Log In and Out as the Linux CLI root User
The Linux CLI has two shell users: One with administrative access (Linux CLI admin user), and another with root access (Linux CLI root user). The diagram in How to Transition Between the CLI User Interfaces in Cisco EPN Manager illustrates the flow for logging in and out as the various CLI users.
To log in as the Linux CLI root user, you will have to transition from being the Cisco EPN Manager CLI admin user to the Linux CLI admin user to the Linux CLI root user. The following procedure gives you the exact steps you must follow.
Before you begin
If the Linux CLI user is disabled, re-enable it. See Disable and Enable the Linux CLI Users in Cisco EPN Manager.
Procedure
Step 1 |
To log in as the Linux CLI root user: |
Step 2 |
To exit: |