Hà Nội: NTT03, Line 1, Thống Nhất Complex, 82 Nguyễn Tuân, Thanh Xuân, Hà Nội. ● HCM: Số 31B, Đường 1, Phường An Phú, Quận 2 (Thủ Đức), TP HCM. ===> Đơn Vị Hàng Đầu Trong Lĩnh Vực Cung Cấp Thiết Bị Security - Network - Wifi - CCTV - Conference - Máy chủ Server - Lưu trữ Storge.
Danh mục sản phẩm

Configure Administrator User Attribute

The administrator indicates the user logging into the device.

When configuring the attribute of the local administrator user, there are the following configuration restrictions and instructions:

  • If the user authorizes the role through AAA at the time of login, whether the user can execute the command after logging to the device depends on the role. If not authorizing the role through AAA at the time of login, whether the user can execute the command after logging into the device depends on the user level.
  • For SSH users, when using public key authentication, when the authentication mode of logging into the device is not configured in the user line view, the commands they can use are based on the user role or user level set in the local administrator user view with the same name as the SSH user (the priority of the user role is higher than the user level). For the detailed introduction to user roles, refer to “Configuration Roles” in “LUM Configuration Guide”.
  • The maximum try times of the user password can be configured in the local administrator user view and administrator user group view. The priority order of the configuration in each view is: local administrator user view - > administrator user group view.
  • The password lifecycle of the user can be configured in the local administrator user view, the administrator user group view and the global view. The priority order of the configuration in each view is: local administrator user view - > administrator user group view - > global view.

Configuration Conditions

None

Configure the Attribute of Administrator User

Table 13‑5 Configure the attribute of the administrator user

Step

Command

Description

Enter the global configuration mode.

configure terminal

-

Create an administrator user and enter the administrator user mode

local-user user-name class manager

Mandatory

By default, do not create the administrator user.

Configure the administrator user password

password  0  password

 

Mandatory

By default, the user does not have password.

Set the server type that the user can adopt

service-type { ssh | telnet | console | ftp | web}

 

Mandatory

By default, the user does not support any service-type.

Set the user role of the local user

user-role  role-name

 

Optional

By default, do not configure the administrator role.

The priority of the administrator role is higher than the administrator level, that is, when the administrator user is configured with the role, the administrator authority is based on the administrator role.

Set the user group of the administrator user

group group-name

Optional

By default, do not configure the user group.

Configure the level of the login user authorization

privilege privilege-level-number

 

Optional

By default, the default level is 1.

Configure the command that the user automatically executes

autocommand command-line

 

Optional

By default, do not configure the command that the user automatically executes.

Configure the option that the user automatically executes the command

autocommand-option { nohangup [ delay delay-time-number ] |delay delay-time-number [ nohangup ] }

 

Optional

By default, disconnect after executing the command automatically and the delay time of automatically executing the command is 0.

Configure the life period of the user

password-control livetime user-live-time

Optional

By default, do not limit the life period of the user.

Configure the maximum times of the successive login authentication failure of the administrator user

password-control max-try-time max-try-time-number

 

Optional

By default, the user management does not limit the maximum try times.

Configure the maximum online quantity of one user

max-online-num user-number

Optional

By default, do not limit the maximum online quantity of one user.

Configure the file authority that the user can use

filesys-control {read | write | execute | none}

Optional

By default, the user owns the read, write, and execute file authorities.

Configure the directory provided by the device for the administrator to access or manage

work-directory directory

 

Optional

By default, it is /flash directory. Currently, the attribute only functions on the file directory of configuring ftp user login device.