Understanding DefaultManagement User Roles

This role permits access only to AP provisioning commands and no access to other configuration commands on theMobility Master.

This role permits access to configuring guest users in themanaged device’s internal database only. This user only has access via the WebUI to create guest accounts; there is noCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.access.

Guest-provisioning tasks include creating or generating the user name and password for a guest account as well as configuring when the account expires.

This role permits access to locationAPIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software.information and theCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.; however, you cannot use anyCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands. This role does not permit access to the WebUI.

Using a third-party location appliance, you can gather information about the location of802.11802.11 is an evolving family of specifications for wireless LANs developed by a working group of the Institute of Electrical and Electronics Engineers (IEEE). 802.11 standards use the Ethernet protocol and Carrier Sense Multiple Access with collision avoidance (CSMA/CA) for path sharing.stations.

To log in to themanaged deviceusing a third-party location appliance, enter:

http[s]://[:port]/screens/wms/wms.login.

You are prompted to enter your username and password (for example, the username and password associated with the locationAPIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software.management role). Once authenticated, you can use anAPIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software.调用请求所在点tion information from themanaged device, for example:

http[s]://[:port]/screens/wms/wms.cgi?opcode=wlm-get-spot&campus-name=&building-name&mac=,....

This role permits configuring a NBAPI management role.

Monitoring>Network>All Access PointsMonitoring
>Network>All Wired Access Points

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

DB:opcode=monitor-summary

DB:opcode=cr-load

DB:opcode=wlm-search&class=probes&start

DB:opcode=wlm-search&class=amii

DB:opcode=monitor-get-all-gps&status=any

show ap-group

show vlan status

Monitoring>Controller>ControllerSummary

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

show switches

show switches summary

Monitoring>Controller>Air Monitors

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

show wlan-ap start*

Monitoring>Controller>Clients

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

show ip mobile host

show ip mobile trail { | }

show ap essid

show esi servers

show esi ping

show esi parser stats

show private port status*

show vlan

show port stats

show spanning-tree interface fastethernet

show interface fastethernet counters

clear counters fastethernet

show snmp trap-queue

Monitoring>Controller>Clients>Packet CaptureMonitoring
>Controller>Clients>LocateMonitoring
>Controller>Clients>Debug

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

aaa user debug mac

Monitoring>Controller>Clients>Disconnect

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

stm kick-off-sta

aaa user logout

Monitoring>Controller>Clients>Blacklist

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

stm add-blacklist-client

aaa user delete { | all | mac | name | role }

Monitoring>Controller>Blacklist Clients

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

stm remove-blacklist-client

Monitoring>Controller>External Services Interface

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

show esi groups

show esi servers

show esi ping

show esi parser stats

Monitoring>Controller>Ports

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

show model-switch-internal*

show slots

show private port status*

show vlan

Monitoring>Controller>Inventory

You can view the reports created by executing the following command:

show keys

Monitoring>WLAN

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

DB:opcode=get-permissions

DB:opcode=cr-load

show switches

show switches summary

Monitoring>Voice

You can view the reports created by the followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands:

show ap association voip-only

show ap active voip-only

show voice call-counters

show voice client status

show voice call-quality

show voice call-density

show voice call-cdrs

show voice call-perf

This role permits access to all management functions (commands and operations) on themanaged device.

This role permits access toCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.show commands or WebUI monitoring pages only.

This role has root privileges but cannot make changes to the management users. The purpose of creating this role is to prevent changes to the local account from externally authenticated management user.