User Access Control Menu
Setting Up User IDs
Defining a User's Access Level
Validating a User's Configuration
Enabling or Disabling a User
Locking Accounts
80
CN4093 Application Guide for N/OS 8.3
The administrator can choose the number of days allowed before each password
expires. When a strong password expires, the user is allowed to log in one last time
(last time) to change the password. A warning provides advance notice for users to
change the password.
The end-user access control commands allow you to configure end-user accounts.
Up to 20 user IDs can be configured in the User ID menu.
CN 4093(config)# access user 1 name <1-8 characters>
CN 4093(config)# access user 1 password
Changing user1 password; validation required:
Enter current admin password: <current administrator password>
Enter new user1 password: <new user password>
Re-enter new user1 password: <new user password>
New user1 password accepted.
The end user is by default assigned to the user access level (also known as class of
service, or CoS). CoS for all user accounts have global access to all resources except
for User CoS, which has access to view only resources that the user owns. For more
information, see
Table 7 on page
To change the user's level, enter the class of service
CN 4093(config)# access user 1 level {user|operator|administrator}
CN 4093# show access user uid 1
An end user account must be enabled before the switch recognizes and permits
login under the account. Once enabled, the switch requires any user to enter both
username and password.
CN 4093(config)# [no] access user 1 enable
To protect the switch from unauthorized access, the account lockout feature can be
enabled. By default, account lockout is disabled. To enable this feature, ensure the
strong password feature is enabled (See
the following command:
CN 4093(config)# access user strong-password lockout
After multiple failed login attempts, the switch locks the user account if lockout
has been enabled on the switch.
86.
cos
"Strong Passwords" on page
command:
79). Then use