Adding And Clearing Local Users For Administrative Access; Configuring Accounting For Administrative Users - Nortel 2300 Series Configuration Manual

Adding and Clearing Local Users for Administrative Access

Usernames and passwords can be stored locally on the WSS switch. Nortel recommends that you enforce console
authentication after the initial configuration to prevent anyone with unauthorized access to the console from logging in.
The local database on the WSS switch is the simplest way to store user information in a Nortel system.
To configure a user in the local database, type the following command:
set user username password password
For example, to configure user Jose with the password spRin9 in the local database on the WSS, type the following
command:
23x0# set user Jose password spRin9
success: User Jose created
To clear a user from the local database, type the following command:
clear user username

Configuring Accounting for Administrative Users

Accounting allows you to track network resources. Accounting records can be updated for three important events: when
the user is first connected, when the user roams from one AP access point to another, and when the user terminates his or
her session. The default for accounting is off.
To configure accounting for administrative logins, use the following command:
set accounting {admin | console} {user-wildcard} {start-stop | stop-only} method1
[method2] [method3] [method4]
To configure accounting for administrative logins over the network at EXAMPLE, enter the following command:
set accounting admin EXAMPLE\* start-stop | stop-only aaa-method
You can select either start-stop or stop-only accounting modes. The stop-only mode sends only stop records, whereas
start-stop sends both start and stop records, effectively doubling the number of accounting records. In most cases,
stop-only is entirely adequate for administrative accounting, because a stop record contains all the information you
might need about a session.
In the set accounting command, you must include AAA methods that specify whether to use the local database or
RADIUS server to receive the accounting records. Specify local, which causes the processing to be done on the WSS
switch, or specify a RADIUS server group. For information about configuring a RADIUS server group, see
uring RADIUS Server Groups" on page
For example, you can set accounting for administrative users using the start-stop mode through the local database:
23x0# set accounting admin EXAMPLE\* start-stop local
success: change accepted.
The accounting records show the date and time of activity, the user's status and name, and other attributes. The show
accounting statistics command displays accounting records for administrative users after they have logged in to the
WSS switch.
Configuring AAA for Administrative and Local Access 63
483.
Nortel WLAN Security Switch 2300 Series Configuration Guide
"Config-