Re-Enabling Locked Accounts
Listing Current Users
Logging into an End User Account
Password Fix-Up Mode
© Copyright Lenovo 2017
After multiple failed login attempts, the switch locks the user account if lockout
has been enabled on the switch.
The administrator can re‐enable a locked account by reloading the switch or by
using the following command:
RS 8264CS(config)# access user strong-password clear local user lockout
username <user name>
However, the above command cannot be used to re‐enable an account disabled by
the administrator.
To re‐enable all locked accounts, use the following command:
RS 8264CS(config)# access user strong-password clear local user lockout
all
The following command displays defined user accounts and whether or not each
user is currently logged into the switch.
RS 8264CS# show access user
Usernames:
user
- Enabled - offline
oper
- Disabled - offline
admin
- Always Enabled - online 1 session
Current User ID table:
1: name jane
, ena, cos user
2: name john
, ena, cos user
Once an end user account is configured and enabled, the user can login to the
switch using the username/password combination. The level of switch access is
determined by the COS established for the end user account.
Password Fix‐Up Mode enables admin user account recovery if administrator
access is lost. A user must connect to the switch over the serial console and log in
using the "ForgetMe!" password. This enables the admin account if disabled and a
new administrator password can be entered.
To disable the Password Fix‐Up functionality, use the following command:
RS 8264CS(config)# no access user password-recovery
, password valid, online 1 session
, password valid, online 2 sessions
Chapter 4: Securing Administration
95