HP 3600 v2 Series Security Configuration Manual page 30
Hide thumbs
Also See for 3600 v2 Series:
- Command reference manual (510 pages) ,
- Configuration manual (449 pages) ,
- Installation manual (62 pages)
Table of Contents
Advertisement
To do...
Set the validity time of the local
user
Set the expiration time of the local
user
Assign the local user to a user
group
NOTE:
•
If you configure the local-user password-display-mode cipher-force command, all existing local user
passwords will be displayed in cipher text, regardless of the configuration of the password command.
If you also save the configuration and restart the switch, all existing local user passwords will always be
displayed in cipher text, no matter how you configure the local-user password-display-mode
command or the password command. The passwords configured after you restore the display mode to
auto by using the local-user password-display-mode auto command, however, are displayed as
defined by the password command.
If the user interface authentication mode (set by the authentication-mode command in user interface
•
view) is AAA (scheme), which commands a login user can use after login depends on the privilege level
authorized to the user. If the user interface authentication mode is password (password) or no
authentication (none), which commands a login user can use after login depends on the level
configured for the user interface (set by the user privilege level command in user interface view). For an
SSH user using public key authentication, which commands are available depends on the level
configured for the user interface. For more information about user interface authentication mode and
user interface command level, see
You can configure the user profile authorization attribute in local user view, user group view, and ISP
•
domain view. The setting in local user view has the highest priority, and that in ISP domain view has the
lowest priority. For more information about user profiles, see the chapter "User profile configuration."
You cannot delete a local user that is the only security log manager in the system, nor can you change
•
or delete the security log manager role of the user. To do so, you must specify a new security log
manager first.
Configuring user group attributes
User groups simplify local user configuration and management. A user group consists of a group of local
users and has a set of local user attributes. You can configure local user attributes for a user group to
implement centralized user attributes management for the local users in the group.
By default, every newly added local user belongs to the system default user group system and bears all
attributes of the group. To change the user group to which a local user belongs, use the user-group
command in local user view.
Follow these steps to configure attributes for a user group:
To do...
Enter system view
Create a user group and enter user group
view
Use the command...
validity-date time
expiration-date time
group group-name
Fundamentals Configuration Guide
Use the command...
system-view
user-group group-name
19
Remarks
Optional
Not set by default
Optional
Not set by default
Optional
By default, a local user belongs to the
default user group system.
.
Remarks
—
Required
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
