A user access policy limits user login to Space Center to enhance security. A user access policy can limit the access time during which users can log in, the IP addresses of endpoints used to log in, or both.
If you configure a user access policy to limit both the access time and IP addresses, the system performs login control as follows:
If the IP address of a user matches a policy rule:
If the rule action is Allow, the user is allowed to log in during the access time.
If the rule action is Reject, the user is not allowed to log in.
If the IP address of a user does not match a policy rule, the system performs login control according to the default action of the policy:
If the default action is Allow, the user is allowed to log in during the access time.
If the default action is Reject, the user is not allowed to log in.
Create a user access policy: Create a user access policy to limit the access time and IP addresses to log in.
Apply a user access policy: Apply a user access policy when creating or editing a user.
Manage user access policies: Edit, delete, or view the details of user access policies.
The default action of the policy cannot be the same as the rule action.
A user access policy takes effect after it is referenced.
From the left navigation pane, select System Settings > System Security > User Access Policies. The User Access Policies page opens.
Click Add, and on the page that opens, configure related parameters.
Click Create Rule, and on the dialog box that opens, configure related parameters.
Click OK.
Access Time: Specify a time span during which users can log in to Space Center. Options include Disable (the default), Weekly, and Daily. If you specify Weekly or Daily, you need to configure the specific time.
IP Rules Default Action: Specify the default action to take when the IP address of a user does not match a policy rule. Options include Reject (the default) and Allow.
Start IP: Specify the start IP address of the address range in the rule.
End IP: Specify the end IP address of the address range in the rule. If the IP address of a user is within the address range, the system allows or denies the user login according to the rule action.
Action: Specify the action to take on users. Options include Reject (the default) and Allow.
You can edit, delete, or view the details of user access policies.
From the left navigation pane, select System Settings > System Security > User Access Policies. The User Access Policies page opens.
Click Edit in the Actions column for the user access policy to be edited.
Edit parameters and rules, and click OK. For more information about the parameters, see "Parameters."
From the left navigation pane, select System Settings > System Security > User Access Policies. The User Access Policies page opens.
Delete multiple user access policies in bulk:
Select the user access policies to be deleted, click Delete.
On the dialog box that opens, click OK.
Delete a single user access policy:
Click Delete in the Actions column for the user access policy to be deleted.
On the dialog box that opens, click OK.
From the left navigation pane, select System Settings > System Security > User Access Policies. The User Access Policies page opens.
Click the name of the user access policy to be viewed.
Click Back to return to the User Access Policies page.