Configuring the attributes of a local user, Configuring the attributes of a local user -6 – H3C Technologies H3C WX3000 Series Unified Switches User Manual

Page 258

Advertising
background image

25-6

To do…

Use the command…

Remarks

Set a VLAN name for VLAN
assignment

name

string

This operation is required if the
VLAN assignment mode is set to
string.

z

In string mode, if the VLAN ID assigned by the RADIUS server is a character string containing only
digits (for example, 1024), the device first regards it as an integer VLAN ID: the device transforms
the string to an integer value and judges if the value is in the valid VLAN ID range; if it is, the device
adds the authenticated port to the VLAN with the integer value as the VLAN ID (VLAN 1024, for
example).

z

To implement dynamic VLAN assignment on a port where both MSTP and 802.1x are enabled, you
must set the MSTP port to an edge port.

Configuring the Attributes of a Local User

When local scheme is chosen as the AAA scheme, you should create local users on the device and
configure the relevant attributes.

The local users are users set on the device, with each user uniquely identified by a user name. To make
a user who is requesting network service pass local authentication, you should add an entry in the local
user database on the device for the user.

Follow these steps to configure the attributes of a local user

To do…

Use the command…

Remarks

Enter system view

system-view

Set the password
display mode of all
local users

local-user
password-display-mode
{ cipher-force | auto }

Optional
By default, the password display mode of all access
users is auto, indicating the passwords of access
users are displayed in the modes set by the
password

command.

Add a local user and
enter local user view

local-user

user-name

Required
By default, there is no local user in the system.

Set a password for the
local user

password

{ simple | cipher }

password

Required

Set the status of the
local user

state

{ active | block }

Optional
By default, the user is in active state, that is, the user
is allowed to request network services.

Authorize the user to
access specified
type(s) of service

service-type

{ ftp |

lan-access | { telnet | ssh |
terminal

}* [ level level ] }

Required
By default, the system does not authorize the user to
access any service.

Set the privilege level
of the user

level

level

Optional
By default, the privilege level of the user is 0.

Advertising
Popular Brands
Popular manuals