Configure access policies 编辑
Access policies define permissions. A policy can be applied to a single user or group, or to multiple users and multiple groups. Citrix Application Delivery Management (ADM) provides four predefined access policies:
adminpolicy. Grants access all Citrix ADM features. The user has both view and edit permissions, can view all Citrix ADM content, and can perform all edit operations. That is, the user can perform add, modify, and delete operations on the resources.
readonlypolicy. Grants read-only permissions. The user can view all content on Citrix ADM, but is not authorized to perform any operations.
appAdminPolicy. Grants administrative permissions for accessing the application features in Citrix ADM. A user bound to this policy can add, modify, and delete custom applications, and can enable or disable the services, service groups, and the various virtual servers, such as content switching, cache redirection, and HAProxy virtual servers.
appReadOnlyPolicy. Grants read-only permission for application features. A user bound to this policy can view the applications, but cannot perform any add, modify, or delete, enable, or disable operations.
Note The predefined policies cannot be edited.
You can also create your own (user-defined) policies.
To create user-define access policies:
In Citrix ADM, navigate to Settings > User Administration > Access Policies.
Click Add.
In the Policy Name field, enter the name of the policy, and enter the description in the Policy Description field.
The Permissions section lists of all Citrix ADM features, with options for specifying read-only, enable-disable, or edit access.
Click the (+) icon to expand each feature group into multiple features.
Select the permission check box next to the feature name to grant permissions to the users.
View: This option allows the user to view the feature in Citrix ADM.
Enable-Disable: This option is available only for the Network Functions features that allow enable or disable action on Citrix ADM. User can enable or disable the feature. And, user can also perform the Poll Now action.
When you grant the Enable-Disable permission to a user, the View permission is also granted. You cannot deselect this option.
Edit: This option grants the full access to the user. User can modify the feature and its functions.
If you grant the Edit permission, both View and Enable-Disable permissions are granted. You cannot deselect the auto-selected options.
If you select the feature check box, it selects all the permissions for the feature.
Note
Expand Load Balancing and GSLB to view more configuration options.
In the following image, the configuration options of the Load Balancing feature have different permissions:
The View permission is granted to a user for the Virtual Servers feature. User can view the load balancing virtual servers in Citrix ADM. To view virtual servers, navigate to Infrastructure > Network Functions > Load Balancing and select the Virtual Servers tab.
The Enable-Disable permission is granted to a user for the Services feature. This permission also grants the View permission. User can enable or disable the services bound to a load balancing virtual server. Also, user can perform Poll Now action on services. To enable or disable services, navigate to Infrastructure > Network Functions > Load Balancing and select the Services tab.
Note
If a user has the Enable-Disable permission, the enable or disable action on a service is restricted in the following page:
Navigate to Infrastructure > Network Functions.
Select a virtual server and click Configure.
Select the Load Balancing Virtual Server Service Binding page. This page displays an error message if you select Enable or Disable.
The Edit permission is granted to a user for the Service Groups feature. This permission grants the full access where View and Enable-Disable permissions are granted. User can modify the service groups that are bound to a load balancing virtual server. To edit service groups, navigate to Infrastructure > Network Functions > Load Balancing and select the Service Groups tab.
Click Create.
Grant StyleBook permissions to users
You can create an access policy to grant StyleBook permissions such as import, delete, download, and more.
Note
The View permission is automatically enabled when you grant other StyleBook permissions.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论