AAA - Restricted interface

About

If the user does not have administrator privileges the number of available commands are restricted.

Viewer

Below is presented a list of commands available to a built-in user having a viewer role.

hostname:/$> whoami
gertrude (viewer)
hostname:/$> help
show aaa Show Status of AAA
show aggregates Status of aggregated ports
show alarm [log] Alarm status, or show alarm log
show arp Show CPU ARP cache
batch Non-interactive mode
clear Clear screen.

pki Manage PKI settings, and enrollment of certificates.
show custom-trdp Show custom telegrams.
show dhcp-clients Show active DHCP clients. ...
dhcp-server [flush] Manage DHCP Server.
show sensor Display environment status: temperature, power, digital in and SFP ...
show fdb Forwarding database (ATU/MAC)
show partitions Show partition table
show flash-table Show active flash partition table. ...
frnt <..> Show/manage status/stats of FRNT rings
show ring [..] Status of ring protocols
show mrp Status of MRP rings
show coupling Status of Coupling instance(s).
show chaining Status of Chaining instance.
show history Show command history
show hsr-prp Status of HSR/PRP Redundancy instance(s).
ip System IP mode commands
ipv6 System IPv6 mode commands
show iface [..] Interface overview
show ifaces Interfaces overview
interactive Interactive mode
show lldp LLDP/CDP neighbours
lockout-policy <..> Account lockout policy ...
show ttdp TTDP neighbours
show monitor [ID] Port Monitor Overview
port [..] Manage or show port status. ...
ptp System PTP commands.
show policy Policy Filtering
rmon Enter RMON mode
show spanning-tree Status of Spanning Tree (RSTP). ...
show vlan [vid] IEEE 802.1Q VLAN
show vrrp Status of VRRP daemon.
show vrrp-legacy Status of VRRP daemon.

show ipconfig <..> Show legacy neighbour devices. ...
show <..> Show summary/status of COMMAND, or display contents of FILE. ...
ntp Show/Manage NTP clients ...
ssh-host-key [..] Ssh host key management ...

logout Logout, or quit the CLI.
show memory Display memory usage
show processes Display running processes
system-information Show system information
tutorial Brief introduction to the CLI
uptime Display system uptime
version Show currently running firmware build details
watchdog Show watchdog status, raw
users Show which users are online right now and from where.
whoami Show user ID.
ledflash [s] Flash all yellow port leds
show port-access Show status of port access control (IEEE 802.1X and MAC ...
metrics <..> Metrics status commands

id List Unix user id and group id(s).
status [..] Show the list of warnings and errors
______________________________________________________________________________
See "help all" or "help COMMAND" for more online help.
hostname:/$>

Guest

The guest role is deprecated and replaced by the viewer role (see above).

Operator

This is a list of commands available to a built-in user having an operator role:

hostname:/$> whoami
oswald (operator)
hostname:/$> help
show aaa Show Status of AAA
show aggregates Status of aggregated ports
show alarm [log] Alarm status, or show alarm log
show arp Show CPU ARP cache
audit System audit commands
batch Non-interactive mode
clear Clear screen.

pki Manage PKI settings, and enrollment of certificates.
show custom-trdp Show custom telegrams.
show dhcp-clients Show active DHCP clients. ...
dhcp-server [flush] Manage DHCP Server.
show sensor Display environment status: temperature, power, digital in and SFP ...
show fdb Forwarding database (ATU/MAC)
show partitions Show partition table
show flash-table Show active flash partition table. ...
frnt <..> Show/manage status/stats of FRNT rings
show ring [..] Status of ring protocols
show mrp Status of MRP rings
show coupling Status of Coupling instance(s).
show chaining Status of Chaining instance.
show history Show command history
show hsr-prp Status of HSR/PRP Redundancy instance(s).
ip System IP mode commands
ipv6 System IPv6 mode commands
show iface [..] Interface overview
show ifaces Interfaces overview
interactive Interactive mode
show lldp LLDP/CDP neighbours
lockout-policy <..> Account lockout policy ...
show ttdp TTDP neighbours
show monitor [ID] Port Monitor Overview
port [..] Manage or show port status. ...
ptp System PTP commands.
package Manage packages ...
show policy Policy Filtering
rmon Enter RMON mode
show spanning-tree Status of Spanning Tree (RSTP). ...
tunnel Tunnel handling
show vlan [vid] IEEE 802.1Q VLAN
show vrrp Status of VRRP daemon.
show vrrp-legacy Status of VRRP daemon.

show ipconfig <..> Show legacy neighbour devices. ...
ipcalc [..] An IP subnet calculator ...
ping <..> Ping a network host or group. ...
show [ARGS] Show summary/status of COMMAND, or display contents of FILE. ...
show factory-config [..] Factory configuration, default settings ...
show logfile [..] Show contents of a log file ...
show running-config [..] Currently running configuration, RAM only ...
show startup-config [..] Startup configuration, from built-in flash, USB, or SD card ...
show safe-config [..] Safe configuration, from built-in flash, USB, or SD card ...
show no-config [..] No configuration, from built-in flash, USB, or SD card ...
ntp Show/Manage NTP clients ...
ssh [..] Secure shell login to another host ...
ssh-host-key [..] Ssh host key management ...
telnet <..> Telnet login to another host
tcpdump <..> Capture traffic on a network interface. ...
traceroute <..> Trace the route packets take to a network host. ...
nslookup [SERVER] Query the nameserver for the IP address of the given HOST optionally using ...

media [..] Media related operations. ...
date [..] System date & time
diff Compare two configuration files, unidiff. ...
follow Continuously monitor a file, like UNIX 'tail -F'
logout Logout, or quit the CLI.
show memory Display memory usage
show processes Display running processes
reboot [cold] Reboot device with startup-config
system-information Show system information
tutorial Brief introduction to the CLI
uptime Display system uptime
upgrade <..> Upgrade all, primary (main), secondary (backup) or bootloader firmware. ...
firmware-checksum [..] Check the CRC of a firmware image on the device. ...
version Show currently running firmware build details
watchdog Show watchdog status, raw
users Show which users are online right now and from where.
whoami Show user ID.
boot Device specific bootstrap settings.
ledflash [s] Flash all yellow port leds
show port-access Show status of port access control (IEEE 802.1X and MAC ...
config-hash Shows the SHA256 hash of the running configuration ...
logging <..> Logging status commands
metrics <..> Metrics status commands

provisioning Port provisioning. ...
file File operations
id List Unix user id and group id(s).
status [..] Show the list of warnings and errors
______________________________________________________________________________
See "help all" or "help COMMAND" for more online help.
hostname:/$>

Auditor

This is a list of commands available to a built-in user having an auditor role:

hostname:/$> whoami
fredrik (auditor)
hostname:/$> help
show aaa Show Status of AAA
show aggregates Status of aggregated ports
show alarm [log] Alarm status, or show alarm log
show arp Show CPU ARP cache
audit System audit commands
batch Non-interactive mode
clear Clear screen.

pki Manage PKI settings, and enrollment of certificates.
show custom-trdp Show custom telegrams.
show dhcp-clients Show active DHCP clients. ...
dhcp-server [flush] Manage DHCP Server.
show sensor Display environment status: temperature, power, digital in and SFP ...
show fdb Forwarding database (ATU/MAC)
show partitions Show partition table
show flash-table Show active flash partition table. ...
frnt <..> Show/manage status/stats of FRNT rings
show ring [..] Status of ring protocols
show mrp Status of MRP rings
show coupling Status of Coupling instance(s).
show chaining Status of Chaining instance.
show history Show command history
show hsr-prp Status of HSR/PRP Redundancy instance(s).
ip System IP mode commands
ipv6 System IPv6 mode commands
show iface [..] Interface overview
show ifaces Interfaces overview
interactive Interactive mode
show lldp LLDP/CDP neighbours
lockout-policy <..> Account lockout policy ...
show ttdp TTDP neighbours
show monitor [ID] Port Monitor Overview
port [..] Manage or show port status. ...
ptp System PTP commands.
show policy Policy Filtering
rmon Enter RMON mode
show spanning-tree Status of Spanning Tree (RSTP). ...
show vlan [vid] IEEE 802.1Q VLAN
show vrrp Status of VRRP daemon.
show vrrp-legacy Status of VRRP daemon.

show ipconfig <..> Show legacy neighbour devices. ...
show <..> Show summary/status of COMMAND, or display contents of FILE. ...
ntp Show/Manage NTP clients ...
ssh-host-key [..] Ssh host key management ...

logout Logout, or quit the CLI.
show memory Display memory usage
show processes Display running processes
system-information Show system information
tutorial Brief introduction to the CLI
uptime Display system uptime
version Show currently running firmware build details
watchdog Show watchdog status, raw
users Show which users are online right now and from where.
whoami Show user ID.
ledflash [s] Flash all yellow port leds
show port-access Show status of port access control (IEEE 802.1X and MAC ...
metrics <..> Metrics status commands

id List Unix user id and group id(s).
status [..] Show the list of warnings and errors
______________________________________________________________________________
See "help all" or "help COMMAND" for more online help.
hostname:/$>

The auditor role has read-only access to the audit logs:

hostname:/$> whoami
fredrik (auditor)
hostname:/$> audit
hostname:/audit/$> help
list [..]          List the audit Categories and EventIDs that exist in the ... 
raw-category [..]  Show the audit log file by category.                         
raw                Show the audit log file.                                     
show               Show the audit ring buffer.                                  
status             Show the audit ring buffer status.                           
last NUMBER        Show the audit ring buffer last [N] entries.                 
range [START] NUM  Show the audit ring buffer in range [[START] NUM] entries.   
time [..]          Show the audit ring buffer in time range [[YYYY-MM[-DD]] [hh:mm[:ss]]] [[YY ...
from [..]          Show the audit ring buffer from time [[YYYY-MM[-DD]] ...     
to [..]            Show the audit ring buffer to time [[YYYY-MM[-DD]] ...       
search [..]        Show the audit ring buffer entries containing [STRING]. ...  
category CATEGORY  Show the audit ring buffer entries from category [CATEGORY]. 
______________________________________________________________________________
See "help all" or "help COMMAND" for more online help.
hostname:/audit/$>

Engineer

Similarly this is a list of commands available to a built-in user having an engineer role.

hostname:/$> whoami
jonas (engineer)
hostname:/$> help
show aaa Show Status of AAA
show aggregates Status of aggregated ports
show alarm [log] Alarm status, or show alarm log
show arp Show CPU ARP cache
audit System audit commands
batch Non-interactive mode
clear Clear screen.

pki Manage PKI settings, and enrollment of certificates.
show custom-trdp Show custom telegrams.
dhcp <..> Manage DHCP client. ...
show dhcp-clients Show active DHCP clients. ...
dhcp-server [flush] Manage DHCP Server.
show sensor Display environment status: temperature, power, digital in and SFP ...
show fdb Forwarding database (ATU/MAC)
show partitions Show partition table
show flash-table Show active flash partition table. ...
frnt <..> Show/manage status/stats of FRNT rings
show ring [..] Status of ring protocols
show mrp Status of MRP rings
show coupling Status of Coupling instance(s).
show chaining Status of Chaining instance.
show history Show command history
show hsr-prp Status of HSR/PRP Redundancy instance(s).
ip System IP mode commands
ipv6 System IPv6 mode commands
show iface [..] Interface overview
show ifaces Interfaces overview
interactive Interactive mode
show lldp LLDP/CDP neighbours
lockout-policy <..> Account lockout policy ...
show ttdp TTDP neighbours
show monitor [ID] Port Monitor Overview
port [..] Manage or show port status. ...
ptp System PTP commands.
package Manage packages ...
show policy Policy Filtering
rmon Enter RMON mode
show spanning-tree Status of Spanning Tree (RSTP). ...
tunnel Tunnel handling
show vlan [vid] IEEE 802.1Q VLAN
show vrrp Status of VRRP daemon.
show vrrp-legacy Status of VRRP daemon.

show ipconfig <..> Show legacy neighbour devices. ...
ipcalc [..] An IP subnet calculator ...
ping <..> Ping a network host or group. ...
show [ARGS] Show summary/status of COMMAND, or display contents of FILE. ...
show factory-config [..] Factory configuration, default settings ...
show logfile [..] Show contents of a log file ...
show running-config [..] Currently running configuration, RAM only ...
show startup-config [..] Startup configuration, from built-in flash, USB, or SD card ...
show safe-config [..] Safe configuration, from built-in flash, USB, or SD card ...
show no-config [..] No configuration, from built-in flash, USB, or SD card ...
ntp Show/Manage NTP clients ...
ssh [..] Secure shell login to another host ...
ssh-host-key [..] Ssh host key management ...
telnet <..> Telnet login to another host
tcpdump <..> Capture traffic on a network interface. ...
traceroute <..> Trace the route packets take to a network host. ...
nslookup [SERVER] Query the nameserver for the IP address of the given HOST optionally using ...

configure [terminal] Enter system configuration mode (running config). ...

copy [force] Copy configuration files, save config. ...
media [..] Media related operations. ...
date [..] System date & time
diff Compare two configuration files, unidiff. ...
follow Continuously monitor a file, like UNIX 'tail -F'
logout Logout, or quit the CLI.
show memory Display memory usage
show processes Display running processes
reboot [cold] Reboot device with startup-config
system-information Show system information
tutorial Brief introduction to the CLI
uptime Display system uptime
upgrade <..> Upgrade all, primary (main), secondary (backup) or bootloader firmware. ...
firmware-checksum [..] Check the CRC of a firmware image on the device. ...
version Show currently running firmware build details
watchdog Show watchdog status, raw
users Show which users are online right now and from where.
whoami Show user ID.
boot Device specific bootstrap settings.
ledflash [s] Flash all yellow port leds
show port-access Show status of port access control (IEEE 802.1X and MAC ...
config-hash Shows the SHA256 hash of the running configuration ...
logging <..> Logging status commands
metrics <..> Metrics status commands

provisioning Port provisioning. ...
encrypt-password <..> Sets a password to be used in encrypted-secrets.
file File operations
id List Unix user id and group id(s).
status [..] Show the list of warnings and errors
______________________________________________________________________________
See "help all" or "help COMMAND" for more online help.
hostname:/$>

The engineer role can configure most of the features, except some security related ones like AAA, PKI, audit log:

hostname:/$> whoami
jonas (engineer)
hostname:/$> config
hostname:/config/$> help
alarm             Alarm & Event settings                                        

lag           Manage link aggregates.                                       
port <..>         Physical port settings. ...                                   
vlan         IEEE 802.1Q VLAN settings                                     
vlans             Common settings for IEEE 802.1Q VLANs                         
iface     Interface IP settings. ...                                    
ip                System IP level settings                                      
ipv6              System IPv6 specific settings                                 
fdb               Forwarding database (MAC) settings                            
ring [..]         Manage Ring Protocols.                                        
router <..>       Dynamic routing protocols                                     
spanning-tree     Manage Spanning Tree (RSTP) settings                          
ntp               Network time settings                                         
ptp               Precision Time Protocol settings                              
system            Common system settings                                        
logging           Local and remote logging                                      
monitor       Port Monitoring/Mirroring                                     
dhcp-server <..>  DHCP server settings                                          
dhcp-relay        DHCP relay agent settings                                     
dns               DNS server/client settings                                    
tunnel <..>       VPN tunnel settings                                           
discover          Device discovery services, mDNS, SSDP                         
management        Device management services, HTTP, HTTPS, SSH, Telnet, SNMP    
lldp              LLDP daemon settings                                          
ttdp              TTDP settings                                                 
metrics           metrics settings                                              
hostname <..>     System hostname string (RFC1123)                              
location <..>     System location string                                        
contact    System contact string                                         
watchdog          Watchdog daemon settings. ...                                 
port-access       Port access control settings (IEEE 802.1X and MAC Auth)       
policy            Traffic filtering policy settings. Traffic filtering policies ...
hsr-prp       Manage HSR/PRP settings                                       
______________________________________________________________________________
See "help all" or "help COMMAND" for more online help.
hostname:/config/$>