Configuring user group attributes – H3C Technologies H3C SecPath F1000-E User Manual

Page 178

Advertising
background image

168

Configuring user group attributes

User groups simplify local user configuration and management. A user group comprises a group of local

users and has a set of local user attributes. You can configure local user attributes for a user group to
implement centralized user attributes management for the local users in the group. Configurable user

attributes include password control attributes and authorization attributes.
By default, every newly added local user belongs to the system default user group system and bears all

attributes of the group. To change the user group to which a local user belongs, use the user-group
command in local user view.
To configure attributes for a user group:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Create a user group and enter
user group view.

user-group group-name

N/A

3.

Configure password control
attributes for the user group.

Set the password aging time:
password-control aging

aging-time

Set the minimum password
length:

password-control length length

Configure the password

composition policy:

password-control composition

type-number type-number

[ type-length type-length ]

Optional.
By default, the global settings
apply, including a 90-day

password aging time, a minimum

password length of 10 characters,

and at least one password
composition type and at least one

character required for each

password composition type.
The minimum password length is 8
characters.
In FIPS mode, the value of the
type-number argument must be 4.

4.

Configure the authorization

attributes for the user group.

authorization-attribute { acl
acl-number | callback-number
callback-number | idle-cut minute

| level level | user-profile
profile-name | vlan vlan-id |

work-directory directory-name } *

Optional.
By default, no authorization

attribute is configured for a user
group.

5.

Set the guest attribute for the

user group.

group-attribute allow-guest

Optional.
By default, the guest attribute is not
set for a user group, and guest

users created by a guest manager

through the Web interface cannot
join the group.

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands
Popular manuals