Default User Settings; Account And Password Policy Settings - Alcatel-Lucent OmniSwitch AOS Release 6 Manual

Overview of User Accounts

Default User Settings

The default user account on the switch is used for storing new user defaults for privileges and profile
information. This account does not include a password and cannot be used to log into the switch.
At the first switch startup, the default user account is configured for:
•
No read or write access.
•
No SNMP access.
•
No end-user profile.
Any new users created on the switch will inherit the privileges or the end-user profile of the default user
unless the user is configured with specific privileges or a profile.
The default user settings may be modified. Enter the user command with default as the user name. Note
that the default user may only store default functional privileges or a default end-user profile. The default
user cannot be configured with both privileges and a profile.
The following example modifies the default user account with read-write access to all CLI commands:
-> user default read-write all
In this example, any new user that is created will have read and write access to all CLI commands (unless
a specific privilege or SNMP access is configured for the new user). For more information about configur-
ing privileges, see "Setting Up End-User Profiles" on page
The privilege default is particularly important for users who are authenticated via an ACE/Server, which
only supplies username and password information; or for users who are authenticated via a RADIUS or
LDAP server on which privileges are not configured. For more information about these servers, see the
"Managing Authentication Servers" chapter of the OmniSwitch AOS Release 6 Network Configuration
Guide.

Account and Password Policy Settings

The switch includes global password settings that are used to implement and enforce password complex-
ity when a password is created, modified, and used. These user-configurable settings apply the following
password requirements to all user accounts configured for the switch:
•
Minimum password size.
•
Whether or not a password can contain the account username.
•
Minimum password character requirements.
•
Password expiration.
•
Password history.
•
Minimum password age.
In addition to global password settings, the switch also includes global user lockout settings that deter-
mine when a user account is locked out of the switch and the length of time the user account remains
locked.
See "Configuring Password Policy Settings" on page 10-12
Settings" on page 10-15
page 10-8
for more information.
OmniSwitch AOS Release 6 Switch Management Guide
Managing Switch User Accounts
10-20.
and "Configuring Global User Lockout
July 2010