Configuring User Accounts; Characteristics Of Strong Passwords - Cisco DS-X9530-SF1-K9 - Supervisor-1 Module - Control Processor Configuration Manual

Configuring User Accounts

S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m .
Table 26-1
CLI Operation
DEBUG
SHOW
CONFIG
CLEAR
EXEC
Example
The following example shows the privileges and rules mapping CLI operations to SNMP operations for
a role named my_role.
switch# show role name my_role
Role:my_role
vsan policy:permit (default)
---------------------------------------------
Rule
---------------------------------------------
Note Although CONFIG is denied for NTP in rule 4, rule 9 allows the SET to NTP MIB objects because EXEC
also maps to the SNMP SET operation.
Configuring User Accounts
Every Cisco MDS 9000 Family switch user has the account information stored by the system. Your
authentication information, user name, user password, password expiration date, and role membership
are stored in your user profile.
The tasks explained in this section enable you to create users and modify the profile of an existing user.
These tasks are restricted to privileged users as determined by your administrator.

Characteristics of Strong Passwords

A strong password has the following characteristics:
•
•
•
•
Cisco MDS 9000 Family Configuration Guide
26-10
CLI Operation to SNMP Operation Mapping
Type Command-type
1. permit clear
2. deny clear
3. permit config
4. deny config
5. permit debug
6. deny debug
7. permit show
8. deny show
9. permit exec
At least eight characters long
Does not contain many consecutive characters (such as "abcd")
Does not contain many repeating characters (such as "aaabbb")
Does not contain dictionary words
Chapter 26
SNMP Operation
Ignored
GET
SET
SET
SET
Feature
*
ntp
*
ntp
*
ntp
*
ntp
*
OL-6973-03, Cisco MDS SAN-OS Release 2.x
Configuring Users and Common Roles