Open topic with navigation
AdminClients action parameter is deprecated for Controller version 11.5.0 and later. HPE recommends that you use authorization roles instead. See Authorization Roles Configuration Parameters.
AdminClients configuration parameter is still available for existing implementations, but it might be incompatible with new functionality. The parameter might be deleted in future.
AdminClients parameter specifies the IP addresses (or host names) of clients that are permitted to send administrative commands to the ACI Port. Separate multiple addresses with commas. There must be no space before or after the comma.
You can use wildcards in the IP address. For example,
187.*.*.* includes any machine with an IP address that starts with
187. You can also filter the
AdminClients parameter using CIDR notation.
Adding a client to
AdminClients does not enable it to send service actions. To enable a client to send service actions, you must add the IP address or host name to the ServiceControlClients or ServiceStatusClients.
You can also configure client permissions by using the
[AuthorizationRoles] configuration section. This section provides a more flexible method for setting up user authorization, and also allows you to set up permissions by using SSL identities or GSS principals. See Authorization Roles Configuration Parameters.
Configuring an authorization role with StandardRoles set to
Admin overrides the default value for
To disable authorization by client IP address, set this parameter to
"". In this case, Controller uses the options that you set in the
[AuthorizationRoles] section only.