Hi Dave,
Thanks for you suggestion.
I understand it is much simpler to use "rouser", but my requirement is that I
should be able to define views and be able to associate a user to a particular
view.
For example, a view "testView" may include everything and exclude a particulat
set of tables/MIB, so my user should have access to that view. And I need to
have several users with different auth/priv privileges.
I also need to have support for V1 and V2.
How should I configure for such a case.
Kindly suggest.
Thanks & Regards,
Kapil.
________________________________
From: dave.shi...@googlemail.com on behalf of Dave Shield
Sent: Wed 2/10/2010 2:07 PM
To: Srikapilan Gandhi (WT01 - Telecom Equipment)
Cc: net-snmp-coders@lists.sourceforge.net
Subject: Re: MIB output given even if snmpv3 user configured with diff
privileges
On 10 February 2010 07:34, <srikapilan.gan...@wipro.com> wrote:
> group operator usm user1
> rouser user1
You are mixing two styles of access control.
Either use "rouser" *OR* use "view/group/access"
Do NOT try to mix the two - particularly with the same username.
> But, my query for any of my MIB is yeilding output even if I use "-l
> noAuthNoPriv" for user1
Correct.
That's what you configured using the line:
access operator "" any noauth exact _all_ _none_ _all_
(since "user1" is part of the group "operator").
Note the token "noauth" in this line.
> The above query should not yeild output as "user1" is configured as
> anthNoPriv.
Wrong - see above.
> I need VACM and my agent should support all SNMP V1,V2 and V3.
I'd strongly suggest that you stick to the
"r[ow]{user,community}" directives throughout.
They are much simpler than the group/access approach,
and you're much less likely to make this sort of configuration error.
Dave
------------------------------------------------------------------------------
SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
http://p.sf.net/sfu/solaris-dev2dev
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders