Switch Login Levels
© Copyright Lenovo 2017
To enable better switch management and user accountability, three levels or classes
of user access have been implemented on the G8264CS. Levels of access to CLI,
Web management functions, and screens increase as needed to perform various
switch management tasks. Conceptually, access classes are defined as follows:
User interaction with the switch is completely passive—nothing can be changed
on the G8264CS. Users may display information that has no security or privacy
implications, such as switch statistics and current operational state information.
Operators can only effect temporary changes on the G8264CS. These changes
will be lost when the switch is rebooted/reset. Operators have access to the
switch management features used for daily switch operations. Because any
changes an operator makes are undone by a reset of the switch, operators cannot
severely impact switch operation.
Administrators are the only ones that may make permanent changes to the
switch configuration—changes that are persistent across a reboot/reset of the
switch. Administrators can access switch functions to configure and
troubleshoot problems on the G8264CS. Because administrators can also make
temporary (operator‐level) changes as well, they must be aware of the
interactions between temporary and permanent changes.
Access to switch functions is controlled through the use of unique user names and
passwords. Once you are connected to the switch via console, remote Telnet, or
SSH, you are prompted to enter a password. The default user names/password for
each access level are listed in the following table.
Note: It is recommended that you change the default switch passwords after initial
configuration and as regularly as required under your network security policies.
Table 2.
User Access Levels ‐ Default Settings
User
Password Description and Tasks Performed
Account
user
user
oper
oper
admin
admin
The User has no direct responsibility for
switch management. He or she can view all
switch status information and statistics, but
cannot make any configuration changes to
the switch.
The Operator manages all functions of the
switch. The Operator can reset ports, except
the management ports.
The superuser Administrator has complete
access to all menus, information, and
configuration commands on the G8264CS,
including the ability to change both the user
and administrator passwords.
Status
Disabled
Disabled
Enabled
Chapter 1: Switch Administration
49