Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide, Cisco IOS XE 17.14.x

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents

Find Matches in This Book

Results

Updated:: April 5, 2024

Chapter: Creating a Lobby Ambassador Account

Creating a Lobby Ambassador Account
Information About Lobby Ambassador Account
Creating a Lobby Ambassador User Account (GUI)
- Creating a User Account
- Logging In Using the Lobby Account
Creating a Lobby Ambassador Account (CLI)

Creating a Lobby Ambassador Account

Information About Lobby Ambassador Account

A global administrator can create a lobby ambassador (lobby admin) user for creating guest users.

While creating a guest user, a lobby ambassador can create and delete a guest user, besides setting the following parameters for a guest user:

Password
Lifetime of the guest user
Guest role profiles (Quality-of-Service profiles that should be applied on a guest using the AAA attribute list.

You must ensure that the RADIUS server must be configured with Cisco-AV-pair privilege level with a value greater than zero.

Note

You can create a lobby admin from a RADIUS or TACACS server, instead of creating one locally.

Only the admin can create WLAN and web authentication policies. The admin can also create an AAA attribute list, which the lobby admin can use to map to the corresponding guest user.

After an upgrade to Cisco Catalyst 9800 Controller Software release 17.2.x , you must clear the browser cache data to view the lobby admin GUI correctly.

Creating a Lobby Ambassador User Account (GUI)

You can configure administrator or lobby ambassador usernames and passwords to prevent unauthorized users from reconfiguring the controller and viewing configuration information.

Creating a User Account

Procedure

Step 1	From the home page, choose Administration > User Administration.
Step 2	Click Add.
Step 3	In the User Name field, enter a user name for the new account.
Step 4	From the Policy drop-down list, choose the policy that you want to associate with the user.
Step 5	From the Privilege drop-down list, choose the privilege level that you want to associate with the user by clicking the user privilege icon. The following are the options: Go to Basic Mode Go to Advanced Mode Go to Basic Mode: This privilege level defines the commands that users can enter using the CLI after they have logged into the device. Privilege 1 allows access in user EXEC mode and privilege 15 allows access in Privileged EXEC mode. Go to Advanced Mode: Admin: Users with Privilege 15 can execute all the show, config, and exec commands on the device. These users will have access to all the sections of the GUI. Read Only: Users with Privileges 1 to 14 are considered read-only users. The default privilege is 1 if a user is created using the GUI. These users will have access only to the Dashboard and the Monitoring sections. No Access: Users with Privilege 0 can log in to the device through Telnet or SSH and access the CLI. However, they cannot access the GUI. Lobby Admin: Users who can create only guest user accounts. While creating a guest user, a lobby ambassador can create and delete a guest user, besides setting the following parameters for a guest user: Password Lifetime of the guest user Guest role profiles (quality-of-service) profiles that should be applied on a guest using the AAA attribute list.
Step 6	In the Password field, enter a password for the new account.
Step 7	In the Confirm Password field, enter the same password again to reconfirm.
Step 8	Click Apply to Device.

Logging In Using the Lobby Account

Note

Execute the following commands before logging in using the lobby credentials:

aaa new-model

aaa authorization exec default local

ip http authentication aaa

Logout from the Administrator account and login using the lobby credentials.

You get to view the Guest User page.

Creating a Lobby Ambassador Account (CLI)

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 2	user-name `user-name` Example: `Device(config)# user-name example-user`	Creates a user account.
Step 3	type lobby-admin Example: `Device(config-user-name)# type lobby-admin`	Specifies the account type as lobby admin.
Step 4	password 0 `password` Example: `Device(config-user-name)# password 0 example-password`	Creates a password for the lobby administrator account.
Step 5	aaa attribute list `user-name` Example: `Device(config-user-name)# aaa attribute list example-user`	Creates attribute list for lobby admin access.
Step 6	attribute type `wlan-profile-name` Example: `Device(config-user-name)# attribute type wlan_wl_mab`	Creates attribute type for lobby admin access.
Step 7	exit Example: `Device(config-user-name)# exit`	Returns to global configuration mode.

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)

Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide, Cisco IOS XE 17.14.x

Bias-Free Language

Results

Chapter: Creating a Lobby Ambassador Account

Creating a Lobby Ambassador Account

Information About Lobby Ambassador Account

Creating a Lobby Ambassador User Account (GUI)

Creating a User Account

Procedure

Logging In Using the Lobby Account

Creating a Lobby Ambassador Account (CLI)

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Was this Document Helpful?

Contact Cisco