User access control, Setting up user ids – NEC INTELLIGENT L2 SWITCH N8406-022A User Manual

Page 27

Advertising
background image

Accessing the switch 27


User access control

The switch allows an administrator to define end user accounts that permit end users to perform limited actions on
the switch. Once end user accounts are configured and enabled, the switch requires username/password
authentication.

For example, an administrator can assign a user who can log into the switch and perform operational commands
(effective only until the next switch reboot).

The administrator defines access levels for each switch user, as shown in the following table.

Table 6 User access levels

User account

Description

Password

admin

The Administrator has complete access to all menus, information, and
configuration commands on the switch, including the ability to change both the
user and administrator passwords.

admin

oper

The Operator manages all functions of the switch. The Operator can reset
ports or the entire switch.

oper

user

The User has no direct responsibility for switch management.
He/she can view all switch status information and statistics but
cannot make any configuration changes to the switch.

user

Passwords can be up to 128 characters in length for TACACS+, RADIUS, Telnet, SSH, console, and BBI access.

If RADIUS authentication is used, the user password on the Radius server will override the user password on the
switch. Also note that the password-change command on the switch modifies only the “use switch” password and
has no effect on the user password on the Radius server. RADIUS authentication and user password cannot be
used concurrently to access the switch.

Setting up user IDs

The administrator can configure up to 10 user accounts.

To configure an end-user account, perform the following steps:

1.

Select a user ID to define.

>> # /cfg/sys/access/user/uid 1

2.

Define the user name and password.

>> User ID 1 # name jane (Assign name “jane” to user ID 1)

Current user name:

New user name: jane

3.

Define the user access level. By default, the end user is assigned to the user access level. To change the
user’s access level, enter the user Class of Service (cos) command, and select one of the available options.

>> User ID 1 # cos <user|oper|admin>

4.

Enable the user ID.

>> # /cfg/sys/access/user/uid <#>/ena

Once an end user account is configured and enabled, the user can login to the switch using the
username/password combination. The level of switch access is determined by the user CoS for the account. The
CoS corresponds to the user access levels described in the User access levels table.

Advertising
Popular Brands
Popular manuals