-
-
Citrix ADC automation using Citrix ADM in Cisco ACI hybrid mode
-
Citrix ADC device package in Cisco ACI's cloud orchestrator mode
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Configure groups
In Citrix Application Delivery Management (ADM), a group can have both feature-level and resource-level access. For example, one group of users might have access to only selected Citrix ADC instances; another group to only a selected few applications, and so on. When you create a group, you can assign roles to the group, provide application-level access to the group, and assign users to the group. All users in that group are assigned the same access rights in Citrix ADM.
To create user groups and assign roles to user groups:
-
In Citrix ADM, navigate to System > User Administration > Groups.
-
Click Add.
-
In the Group Name field, enter the name of the group.
-
In the Group Description field, type in a description of your group. Providing a good description of the group helps you to understand the role and function of the group in a better way at a later point.
-
In the Roles section, add or move one or more roles to the Configured list.
Note Under the Available list, you can click New or Edit and create or modify roles. Alternatively, you can navigate to System > User Administration > Users and create or modify users.
Note
You can create a new role by clicking New, or you can navigate to System > User Administration > Users and create new users from this screen.
-
Click Next. On the Authorization Settings tab, you can provide authorization settings for the following four groups:
-
Instances
-
Applications
-
Configuration Templates
-
StyleBooks
By default, your user can access all the above groups. You can clear the check boxes and provide selective access for each of these groups.
For example:
-
You can clear Instances check box and select only the required instances that you want to provide access to your users.
-
Clear All Applications check box and select only the required applications and templates. When you add applications to a group in Citrix ADM, you can use regex to search and add the applications that meet the regex criteria for the groups. The users who are bound to these groups can access only those specific applications. The regex expression specified is persisted in Citrix ADM. That is, Citrix ADM allows the regex provided in the Add Regular Expression text box to be stored in the system and dynamically updates the authorization scope whenever new applications meet this regex expression. When new applications are added to the system, Citrix ADM applies the search criteria to the new applications, and the application that meets the criteria is dynamically added to the group. You do not have to manually add the new applications to the group. The applications are updated dynamically in the system, and the respective group users can see the applications under appropriate modules in Citrix ADM.
-
Clear All Configuration templates check box to allow access to only the required templates.
-
Clear All StyleBooks check box and select the required StyleBooks that your user can access.
You can select the required StyleBooks when you create groups and add users to that group. When your user selects the permitted StyleBook, all dependent StyleBooks are also selected. The config packs of that StyleBook are also included in what the user has access to.
-
Clear All DNS Domain Names check box and add the domain names from the list that you want your users to access.
-
-
Click Create Group.
-
In the Assign Users tab, select the user from the Available list and add the user to the Configured list. For example, “dadmin”.
Note You can also add new users by clicking New.
-
Click Finish.
Note
As a Citrix ADM admin, you can provide either “view-only” permission or “view and edit” permission to your users for individual ADM module UIs based on access policy settings in RBAC. If the user is assigned to two or more groups, that is, if the user is internally mapped to more than one authorization scope and more than one access policy, ADM takes a union of all those groups’ permissions and authorizes the user accordingly.
For example, consider that User1 is assigned to a group that has two access policies, P1 and P2. Each policy has a different type of permission. P1 has “read-only” permission, while P2 has “view and edit” permission. You want your user to view a set of applications as part of the P1 policy, and edit a different set of applications as part of the P2 policy. But as a default behavior, Citrix ADM combines the two permission types and assigns the “view and edit” permission to the user. So your user will now be able to view and edit all the applications.
ADM doesn’t support such use cases where you can assign different types of permissions to the same user. You can assign only one type of permission to your users. ADM can either allow User1 to view all apps or a selected set of apps, or allow User1 to view and edit all apps or selected set of apps.
Mapping of RBAC when upgrading Citrix ADM from 12.0 to 12.1
When you upgrade Citrix ADM from 12.0 to 12.1, you do not see the options to provide “read-write” or “read” permissions while creating groups. These permissions have been replaced by “roles and access policies,” which give you more flexibility to provide role-based permissions to the users. The following table shows how the permissions in release 12.0 are mapped to release 12.1:
| 12.0 | Allow Applications Only | 12.1 |
|---|---|---|
| admin read-write | False | admin |
| admin read-write | True | appAdmin |
| admin read-only | False | readonly |
| admin read-only | True | appReadonly |
Share
Share
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select Do Not Agree to exit.