Groups
On this page, you can define in detail the rights of individual groups that will be used for the management of technicians’ access to routers. Then you assign individual users (technicians) to the groups you have created. You may create as many groups with various rights as possible.
A new group can be added by clicking on + Add group. On the page that appears, enter the name of a given group and set the individual rights the way you want. You can also modify the settings in the overview of existing groups. There is a list of rights for each group along with information about how you have configured them (
/ 
). You can change the configuration by clicking on individual icons.
You can set the following rights:
| local | A given group of technicians is / is not allowed to log in through a local console. |
|---|---|
| telnet | A given group of technicians is / is not allowed to log in through telnet. |
| ssh | A given group of technicians is / is not allowed to log in through SSH. |
| ftp | A given group of technicians is / is not allowed to log in through FTP. Such technicians can read, write and delete. |
| reboot | A given group of technicians is / is not allowed to reboot a router. |
| read | A given group of technicians is only allowed to read. No configuration changes are possible. |
| write | A given group of technicians is / is not allowed to modify configurations (with the exception of user management - setting up further user accounts for access to routers). If you want to allow this group to read as well, you have to modify the read item accordingly. |
| policy | A given group of technicians is / is not allowed to set up further administrator accounts for access to routers. |
| test | A given group of technicians is / is not allowed to carry out the following tests: ping, traceroute, bandwidth-test, wireless scan, sniffer a snooper. |
| web | A given group of technicians is / is not allowed to log in through the web interface. |
| winbox | A given group of technicians is / is not allowed to log in through WinBox. |
| password | A given group of technicians is / is not allowed to change passwords to individual user accounts. |
| sensitive | A given group of technicians is / is not allowed to see sensitive data, such as passwords, wireless keys etc. |
| api | A given group of technicians is / is not allowed to log in through API. |
| sniff | A given group of technicians is / is not allowed to use a sniffer utility. |
You can edit a particular group by clicking on 
.
You can delete a particular group by clicking on 
.
