Forum Discussion
NimbostratusRole wise access for different partition
Hi,
We are planning to deploy F5 4000 appliance which will be logically isolated with four partition assosiated with four route domains. For management purpose, differnt teams will have access to these four partition. We have AD, TACACS in place which can be used for remote user authentication. Query- 1)Is it possible to allow management access for different groups to different partition? 2)And granular level access to individual partition. {e.g. Access for partition-A to different groups (defined in AD or TACACS) with differnet level of privilages} ?
3 Replies
- nitass
Employee
1)Is it possible to allow management access for different groups to different partition? 2)And granular level access to individual partition. {e.g. Access for partition-A to different groups (defined in AD or TACACS) with differnet level of privilages} ?
i never tested but i think F5-LTM-User-Info-1 and F5-LTM-User-Partition attributes may be usable.
v.10 - Remote Authorization via TACACS+ by Jason Rahm
https://devcentral.f5.com/articles/v10-remote-authorization-via-tacacs-43 
PragathishakartYou can define access level for different groups. First you need to create users and define the role (Resource administrator, Manager, Guest et cetera). According to the role privilege, the access rights are limited to create/edit/delete objects in the various partitions.
- Pragathishakart
Below link provide the brief on User roles, access privileges and partition rights for users.
http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1/tmos_users.html
