Forum Discussion
thagmann_128177
Nimbostratus
NimbostratusBIGIP 9.0 - Root vs. Other Accounts
Based on iControl testing we are doing, when we try to auth an IControl request to the BIGIP using the root account/correct pass we keep getting "401: Authorization Required" errors. When I do the sa...
Hi Tom,
1- Yes, iControl calls are split in terms of access. Any BIGIP users will belong to one of 3 classes: Administrators, Operators, or Guests. The user and his/her corresponding access level is created from the Web GUI. Although there might be some minor variances in how access is controlled between the GUI and iControl, but in general, it's very similar. If an iControl user is an Administrator, he/she can make any method call. If the user is an Operator, he/she can do get/query/find/is methods, as well as enabling/disabling virtual addresses and virtual servers, and also up/down nodes/pool members. If the user is a Guest, he/she can only have read access, i.e. get/query/find/is type of iControl methods.
2- There's a separate section that controls authentication/access for iControl within the same httpd.conf file.
Hope this helps.
Loc
