Group access levels

The switch supports eight predefined group access levels, shown in the following table. There are four levels for use by version 3 users and four are used for access by version 2c or version 1 management applications.

Predefined group access levels
Group name	Group access type	Group read view	Group write view
managerpriv	Ver3 Must have Authentication and Privacy	ManagerReadView	ManagerWriteView
managerauth	Ver3 Must have Authentication	ManagerReadView	ManagerWriteView
operatorauth	Ver3 Must have Authentication	OperatorReadView	DiscoveryView
operatornoauth	Ver3 No Authentication	OperatorReadView	DiscoveryView
commanagerrw	Ver2c or Ver1	ManagerReadView	ManagerWriteView
commanagerr	Ver2c or Ver1	ManagerReadView	DiscoveryView
comoperatorrw	Ver2c or Ver1	OperatorReadView	OperatorReadView
comoperatorr	Ver2c or Ver1	OperatorReadView	DiscoveryView

SNMPv3 Params and Group Configs Combinations
SNMPv3 Params	SNMPv3 group	Snmpv3 user config
noauth (no authentication and no privacy)	operatornoauth	snmpv3 user "user1"
auth (authentication and no privacy)	managerpriv, managerauth,operatorauth, operatornoauth	snmpv3 user "user1" auth md5 "45800d22ccb8b485ab52fe2d8b92ea85"
priv (authentication and privacy)	managerpriv, managerauth,operatorauth, operatornoauth	snmpv3 user "user1" auth md5 "45800d22ccb8b485ab52fe2d8b92ea85" priv des "45800d22ccb8b485ab52fe2d8b92ea85"

Each view allows you to view or modify a different set of MIBs:

Manager Read View – access to all managed objects
Manager Write View – access to all managed objects except the following:
- vacmContextTable
- vacmAccessTable
- vacmViewTreeFamilyTable
OperatorReadView – no access to the following:
- icfSecurityMIB
- hpSwitchIpTftpMode
- vacmContextTable
- vacmAccessTable
- vacmViewTreeFamilyTable
- usmUserTable
- snmpCommunityTable
Discovery View – Access limited to samplingProbe MIB.

NOTE:

All access groups and views are predefined on the switch. There is no method to modify or add groups or views to those that are predefined on the switch.