Creating a Remote Profile
Remote profiles are used to assign a specific set of roles to users when remote authentication and authorization are enabled in Junos Space Network Management Platform. A remote profile is a collection of roles defining the set of functions that a user is allowed to perform in Junos Space Network Management Platform.
To create a remote profile:
- On the Junos Space Network Management Platform user interface,
select Role Based Access Control > Remote Profiles.
The Remote Profiles page is displayed.
- Click the Create Remote Profile icon on the
The Create Remote Profile page appears, displaying the Role Assignment area.
- In the Name field, enter a name for the remote
The remote profile name cannot exceed 32 characters. The profile name can contain letters and numbers and can include a hyphen (-), underscore (_), or period (.).
- In the Description field, enter a description
for the remote profile.
The remote profile description cannot exceed 256 characters. The description can contain letters and numbers and can include a hyphen (-), underscore (_), period (.), or comma (,).
- Select the GUI Access and API Access check boxes depending on the type of access you want to allow for
the remote profile.
By default, the remote profile is able to access both the GUI and API. You should select at least one access type to successfully create a remote profile.
- In the Job Management View section, retain
the selection of View User’s Own Jobs Only to enable
remote users associated with this remote profile to view only their
own jobs on the Job Management page. This option is selected by default,
which means that all users can view only their own jobs.
To allow a remote user associated with this remote profile to view all jobs triggered by all Junos Space users, select View All Jobs. By default, a user with the Super Administrator or Job Administrator role can view jobs of all users. When you create or modify a user with the Super Administrator or Job Administrator role, the Job Management View section is disabled and you cannot prevent such users from viewing all jobs.
After an upgrade to Junos Space Release 14.1 or later, remote users who are not assigned to the Super Administrator or Job Administrator role can view only their own jobs on the Job Management page. They cannot view jobs triggered by other users.
- Use the double list box to select roles for the remote profile. Select one or more roles from the Available list box. Selected roles appear in the Selected list box. Use the right arrow to move the selected roles to the Selected list box. Use the left arrow to move roles from the Selected list box back to the Available list box. You can also double-click a role to move it from one list to the other. You see the details of selected roles appear in the right pane of the page.
- Click Next.
The Domain Assignment area appears, displaying all available domains.
- Select domains where the user can operate.
- Click Finish.
A new remote profile is added.
Remote profiles can be modified, deleted, and tagged.
A user is not allowed to log in if the remote profile specified in the remote server does not exist in the local database. The message "No roles assigned for this user" is displayed on the login page. This information is logged in the audit log.