Role-based Authorization
The Makito X decoder uses role-based authorization control to secure the Web interface and CLI. Administrators can create new accounts and thus allocate an account to each user of the system.
The Makito X decoder provides three defined account roles to assign privileges to users:
| Role | Default Username | Privileges |
|---|---|---|
Guest | user | Read-only access to the system. |
Operator | operator | All rights to configure A/V and stream settings. Does not include rights to reboot or upgrade the system, modify the network settings, or manage accounts. |
Administrator | admin | All access rights and Administrator privileges. |
The following table summarizes role-based access to functional modules
| Functional Module | Role | ||
|---|---|---|---|
| Guest | Operator | Administrator | |
| Operation | |||
| Streams | Read-only | Yes | Yes |
| Video Decoder | Read-only | Yes | Yes |
| Audio Decoder | Read-only | Yes | Yes |
| Administration | |||
| Network Configuration | - | - | Yes |
| System Status | Read-only | Yes | Yes |
| (Configuration) Presets | - | Yes | Yes |
| Firmware Upgrades | - | - | Yes |
| Services | - | - | Yes |
| Licensing | - | - | Yes |
| Still Images | - | - | Yes |
| Security | |||
| My Account/Accounts | Yes1 | Yes | Yes |
| Messages | - | - | Yes |
| Banner | - | - | Yes |
| Cryptographic Policies | - | - | Yes |
| Certificates | - | - | Yes |
| Security Audit | - | - | Yes |
- Guest and Operator accounts see “My Account” on the Administration sidebar and can only view/change their own account settings. Administrator accounts see “Accounts” on the Administration sidebar and can view/manage all user accounts.
All three roles provide both Web interface and CLI access to the system. These roles and their privileges are also supported using VACM (View-based Access Control Model) for SNMP access control.
Please refer to the Important Notice (postcard included in the box or available from the Download Center on the Haivision Support Portal) for the default sign-in credentials.
Caution
For security purposes, Haivision strongly advises you to change the default password for all accounts during initial configuration.Administrators can create, delete, lock, and unlock user accounts, including changing the password, from the Accounts page (see Managing User Accounts). Operators and guests can manage their password from the My Account page (see Changing Your Password).
You can also change your own account password CLI using the passwd command.
Note
Any changes to the default passwords, created accounts, and deleted default accounts will be lost after a Factory Reset or a firmware downgrade. Factory Reset restores the default accounts and passwords.Related Topics