You can configure a password control attribute in system view, user group view, or local user view.
A password control attribute with a smaller effective range has a higher priority. For more
information about password management and global password configuration, see
password
Local user configuration task list
Tasks at a glance
(Required.)
(Optional.)
(Optional.)
Configuring local user attributes
When you configure local user attributes, follow these guidelines:
When you use the password-control enable command to globally enable the password control
•
feature, local user passwords are not displayed.
You can configure authorization attributes and password control attributes in local user view or user
•
group view. The setting in local user view takes precedence over the setting in user group view.
Configure authorization attributes according to the application environments and purposes.
•
Support for authorization attributes depends on the service types of users.
For LAN and portal users, only the following authorization attributes are effective: acl,
user-profile, and vlan.
For Telnet and terminal users, only the authorization attribute idle-cut and user-role is effective.
For HTTP and HTTPS users, only the authorization attribute user-role is effective.
For SSH users, only the authorization attributes idle-cut, user-role and work-directory are
effective.
For FTP users, only the following authorization attributes are effective: user-role and
work-directory.
For other types of local users, no authorization attribute is effective.
•
Configure the location binding attribute based on the service types of users.
For 802.1X users, specify the 802.1X-enabled Layer 2 Ethernet interfaces through which the
users access the device.
For MAC authentication users, specify the MAC authentication-enabled Layer 2 Ethernet
interfaces through which the users access the device.
For portal users, specify the portal-enabled interfaces through which the users access the device.
Specify the Layer 2 Ethernet interfaces if portal is enabled on VLAN interfaces and the portal
roaming enable command is not configured.
To configure local user attributes:
Step
1.
Enter system view.
2.
Add a local user and enter
local user view.
control."
Configuring local user attributes
Configuring user group attributes
Displaying and maintaining local users and local user groups
Command
system-view
local-user user-name [ class
{ manage | network } ]
19
Remarks
N/A
By default, no local user exists.
"Configuring