Configuring User Group Attributes - HP 4800G Series Configuration Manual

To do...
Configure the binding attributes for
the local user
Configure the authorization
attributes for the local user
Set the expiration time of the user
Specify the user group for the local
user
Note that:
With the local-user password-display-mode cipher-force command configured, a local user
password is always displayed in cipher text, regardless of the configuration of the password
command. In this case, if you use the save command to save the configuration, all existing local
user passwords will still be displayed in cipher text after the device restarts, even if you restore the
display mode to auto.
The access-limit command configured for a local user takes effect only when local accounting is
used.
Local authentication checks the service types of a local user. If the service types are not available,
the user cannot pass authentication.
In the authentication method that requires the username and password, including local
authentication, RADIUS authentication and HWTACACS authentication, the commands that a
login user can use after logging in depend on the level of the user. In other authentication methods,
which commands are available depends on the level of the user interface. For an SSH user using
public key authentication, the commands that can be used depend on the level configured on the
user interface. For details regarding authentication method and commands accessible to user
interface, refer to Login Configuration in the System Volume.
Binding attributes are checked upon authentication of a local user. If the checking fails, the user
fails the authentication. Therefore, be cautious when deciding which binding attributes should be
configured for a local user.
Every configurable authorization attribute has its definite application environments and purposes.
Therefore, when configuring authorization attributes for a local user, consider what attributes are
needed.

Configuring User Group Attributes

For simplification of local user configuration and manageability of local users, the concept of user group
is introduced. A user group consists of a group of local users and has a set of local user attributes. You
Use the command...
bind-attribute { call-number
call-number [ : subcall-number ] |
ip ip-address | location port
slot-number subslot-number
port-number | mac mac-address
| vlan vlan-id } *
authorization-attribute { acl
acl-number | callback-number
callback-number | idle-cut
minute | level level |
user-profile profile-name | vlan
vlan-id | work-directory
directory-name } *
expiration-date time
group group-name
1-20
Remarks
Optional
By default, no binding
attribute is configured for a
local user.
Optional
By default, no authorization
attribute is configured for a
local user.
Optional
Not set by default
Optional
By default, a local user
belongs to default user
group system.