Users Access Control table

Revised for CPX 4.7.0.
Configuration of Users Access Control table
Details of the Users Access Control table parameters



Configuration of Users Access Control table top

In the Users Access Control Table, user entries can be added/modified/deleted while Abilis CPX is working. Changes made on the table do not need the Abilis CPX to be restarted: they are immediately active.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

Commands for managing the Users Access Control Table are described in the section Commands related to Users Access Control table.

The following commands are available:

A USER:
C USER:
D USER
D USER:
D USERE
D USERE:
S USER:
F USER:

Users Access Control Table can store up to 151 user's entries. It holds by default an user entry defined for the system administrator user and identified by the "admin" name.

The system administrator user record has the following main characteristics:

Here it is a sample of the system administrator user's record default settings:

[11:36:01] ABILIS_CPX: D USERE:admin

Parameter:   |Value:
------------------------------------------------------------------------------
USER:         admin
PASSWORD:     
ENABLED:      NO
PPP:          YES
PPP-AUTH:     CHAP
PPP-PO:       ANY
FTP:          YES
FTP-HOMEDIR:    
FTP-PROT:     PLAIN,SSL
HTTP:         YES
------------------------------------------------------------------------------

Here is an example of the command D USER execution. Displayed values are only examples. As it is possible to note, users defined with their most important configuration information are displayed only:

[12:18:37] ABILIS_CPX: D USER

USER:                             PASSWORD:  ENABLED: PPP: FTP: HTTP: 
------------------------------------------------------------------------------
admin                             *********  YES      YES  YES  YES      
Leo                                          YES      YES  YES  YES      
test                              *********  YES      YES  NO   NO      
testhttp                          *********  YES      NO   NO   YES     
testssl                           *********  YES      NO   YES  NO      

The full representation of the defined users properties can be shown using the D USERE command.

Details of the Users Access Control table parameters top


USER: User's name
no value from 1 up to 32 ASCII characters [33..126]

This parameter reprents the name of the user, i.e. the mnemonic with which a certain user is identified within the system.

Valid "USER:" names are strings of up to 32 ASCII characters in the range [33..126]. Spaces are not allowed. The case of the entered strings is preserved.
There is no difference between lowercase and uppercase characters. For example the following strings "MyUser", "MYUSER", "myuser" are equivalent.

There can be up to 151 users in the Users Access Control Table, each of one is unambiguously identified by the "USER:" parameter value.

Two or more entries with the same "USER:" value cannot be defined. If a new entry is going to be added and an entry with the same user name already exists in the table, the "USER ALREADY EXISTS" message is generated.

The table is alphabetically sorted on the base of the "USER:" parameter value and it is automatically resorted each time an entry is added or removed.


PASSWORD: User's password
no value from 0 up to 32 ASCII characters [33..126]

This parameter represents the password that can be optionally assigned to the user.

Valid "PASSWORD:" values are strings of 32 ASCII characters in the range [33..126]. Spaces are not allowed. The case of the entered password is preserved.

User's password are saved ciphered on disk. Once the value of the password is set, it is not visible anymore.
In the table, the value is opportunely masked by a tring of up to nine '*' (asterisk) characters, independently of the real password length.


ENABLED: User's enable/disable flag
YES NO, YES

This parameter allows to disable/enable run-time a certain user in the system, without removing him from the table.

The "admin" user's entry is disabled by default, and it cannot be enabled with an empty password.

All other users are enabled by default.


PPP-ENABLE: PPP enable/disable flag
NO NO, YES

This parameter allows to disable/enable run-time a certain user for the PPP protocol service.

The "admin" user's entry is enabled for the PPP protocol service by default, while all other users are disabled by default.


PPP-AUTH: PPP authentication protocol
CHAP PAP, CHAP, MSCHAPV1, MSCHAPV2, ALL

This parameter allows to select the PPP authentication protocol set for this user.

Values from the set [PAP, CHAP, MSCHAPV1, MSCHAPV2] can be joined using ',' (comma) character, in any order (e.g. "PAP,CHAP" or "CHAP,PAP"). The value "ALL" is used with the meaning of "all protocols".


PPP-PO: PPP port
ANY NONE, ANY, 0-999, 'ListName'

This parameter allows to select the PPP port for this user.

The "NONE" value, means that no port is accepted.

The "ANY" value, means that any ports is accepted.

A value in the range [0-999], can be used to select a specific PPP port.

The name of an list of type CP (i.e. CPX Ports) is also supported, if between primes, for example: 'My_List'. The selected list must be already defined in the Elements List


FTP-ENABLE: FTP enable/disable flag
NO NO, YES

This parameter allows to disable/enable run-time a certain user for the FTP protocol service.

The "admin" user's entry is enabled for the FTP protocol service by default, while all other users are disabled by default.


FTP-HOMEDIR: FTP home directory
no value from 0 up to 128 characters

This parameter allows to select the FTP protocol service home directory for this user.

Valid "FTP-HOMEDIR:" values are can be strings of up to 128 characters, initiating and terminated by the '/' (slash) character.
Case is preserved. Spaces are allowed. Strings holding spaces must be written between quotation marks (E.g.: "/str1/str2 str3/").


FTP-PROT: FTP access protocol
PLAIN, SSL PLAIN, SSL

This parameter allows to set the FTP access protocol for this user.

Values from the set [PLAIN, SSL] can be joined using ',' (comma) character, in any order (e.g. "PLAIN,SSL" or "SSL,PLAIN").


HTTP-ENABLE: HTTP enable/disable flag
NO NO, YES

This parameter allows to disable/enable run-time a certain user for the HTTP protocol service.

The "admin" user's entry is enabled for the HTTP protocol service by default, while all other users are disabled by default.

printPrint this page