03-03-2022 12:28 PM - edited 03-03-2022 01:24 PM
[Edited with correct version numbers]
I've just discovered this. Nice!
I don't remember reading about this feature in the release notes, and it is documented in the help, so it must exist!
But it wasn't there is v5.2(1)
It may have been in 5.2(2), and I didn't notice
Definitely there in 5.2(3) - but here's the catch - If I'm not logged in as username admin, I don't see anything, even if I have full admin rights
Does anyone know what's going on here?
Is this a bug?
If it is a bug, does anyone care?
Solved! Go to Solution.
03-03-2022 05:48 PM
This was part of the 5.2(3) LLR features intended to help consolidate all security info into one place - including Contracts & ESGs. It'll display filter hit counts etc. . Its also present under each Tenant view (the view under System is the fabric-wide view).
Robert
03-03-2022 05:51 PM
And Yes (sigh) this looks like a bug that data isn't being shown for any user other than the default 'admin' account. Local & Remote admin-level accounts don't work correctly. I'll confirm & raise this tomorrow.
Robert
03-03-2022 12:48 PM - edited 03-03-2022 12:58 PM
Hi Chris,
I just checked 5.2.2f, and the "security" tab is not there.
About the non-`admin` user inconsistency you see, all I can say is: the RBAC/roles/security domains in ACI are so chaotically implemented that I am inclined to say is a bug.
EDIT: Chris, you mentioned 5.3. Is this a typo (5.2.3)? I don't see 5.3 released yet.
Take care,
Sergiu
03-03-2022 12:50 PM
Also - non-topic related, why there are three users always giving instant helpful votes (bots?)
03-03-2022 01:31 PM
Curious. I usually delete those as soon as the email comes, but I'll keep an eye out. If you are logged in, have notifications enabled and someone posts, you'll see a pop-up that you can click. Maybe some people just sit on the Cisco community forum all day waiting for my words of wisdom to flow forth....................
I'll stop deleting and see if I notice anything fishy
03-03-2022 05:30 PM
There are 3-4 User accounts using Bots. I've warned them this week to disable them or I ban & revoke their awards (sorry) by Friday. This isn't the first time we've seen this.
Robert
03-03-2022 01:28 PM
Keeping me honest - thanks. Edited the version numbers thanks to your pickup
I have considered that the tab MIGHT be to do with a plugin, but have only Nexus Insights Cloud Connector and Policy Viewer installed, and besides, on that screen, clicking help gives a pretty full explanation (except WHY you have to be user admin)
However, you need to know that you've made my day with the most precise explanation of RBAC I've seen:
all I can say is: the RBAC/roles/security domains in ACI are so chaotically implemented that I am inclined to say is a bug.
Oh so true!
03-03-2022 05:48 PM
This was part of the 5.2(3) LLR features intended to help consolidate all security info into one place - including Contracts & ESGs. It'll display filter hit counts etc. . Its also present under each Tenant view (the view under System is the fabric-wide view).
Robert
03-03-2022 05:51 PM
And Yes (sigh) this looks like a bug that data isn't being shown for any user other than the default 'admin' account. Local & Remote admin-level accounts don't work correctly. I'll confirm & raise this tomorrow.
Robert
03-04-2022 06:15 AM
Raised CSCwb13504 to track this. @Chris if you could open a quick TAC case, and link it to this bug, will help prioritize this quickly.
Thanks,
Robert
03-26-2022 12:14 PM
To close this loop this will be patched into 5.2(5) as well as 6.x release.
Robert
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: