User access control, Setting up user ids, Defining a user’s access level – Juniper Networks EX2500 User Manual

EX2500 Ethernet Switch Configuration Guide

20

„

Securing Access to the Switch

User Access Control

The end user access control commands allow you to configure end user accounts.

Setting Up User IDs

Up to 10 user IDs can be configured. Use the following commands to define
usernames and passwords:

ex2500(config)# access user 1 name <1-8 characters>
ex2500(config)# access user 1 password

Changing user1 password; validation required:
Enter current admin password: <current administrator password>
Enter new user1 password: <new user password>
Re-enter new user1 password: <new user password>
New user1 password accepted.

Defining a User’s Access Level

The end user is by default assigned to the user access level (also known as class of
service, or COS). COS for all user accounts has global access to all resources except
for User COS, which has access to view-only resources that the user owns. For
more information, see Table 4 on page 13.

To change the user’s level, select one of the following options:

ex2500(config)# access user 1 level { user | operator | administrator }

Enabling or Disabling a User

An end user account must be enabled before the switch recognizes and permits
login under the account. Once enabled, the switch requires any user to enter both
username and password.

ex2500(config)# access user 1 enable
ex2500(config)# no access user 1 enable

Listing Current Users

The following command displays defined user accounts and whether or not each
user is currently logged in to the switch.

ex2500# show access user

Usernames:
user - Enabled - offline
oper - Disabled - offline
admin - Always Enabled - online 1 session

Current User ID table:
1: name jane , ena, cos user , password valid, online 1 session
2: name john , ena, cos user , password valid, online 2 sessions