Deleting a user-defined account, Changing account parameters, Recovering user-defined accounts – HP StorageWorks 2.128 SAN Director Switch User Manual

44

Configuring standard security features

3.

In response to the prompt, enter a password for the account.
The password is not displayed when you enter it on the command line.

Deleting a user-defined account

Only accounts with the admin role can delete user-defined accounts on the logical switch.

1.

Connect to the switch and log in as admin.

2.

Issue the following command:

userConfig --delete username

where

username

specifies the account name. You cannot delete the default accounts. An account

cannot delete itself. All active CLI sessions for the deleted account are logged out.

3.

Enter

y

at the prompt for confirmation.

Changing account parameters

Accounts with the admin role can change information for accounts that have lesser permissions. Accounts

with the user role cannot.

1.

Connect to the switch and log in as admin.

2.

Issue the following command:

userconfig --change username [-r rolename] [-d description] [-e yes | no]

Recovering user-defined accounts

If a backup account exists (in secure mode), you can recover it with the following command:

userConfig --recover

The following conditions apply to recovering user accounts:

•

Only accounts with admin or higher roles can recover accounts.

•

The attributes in the backup database replace the attributes in the current account database.

•

An event is stored in the system message log, indicating that accounts have been recovered.

where:

username

Changes the account attribute for

username

. The account must already

exist.

-r

rolename

Is an optional argument that changes the role: either

admin

,

switchAdmin

, or

user

in nonsecure mode;

admin

,

user

, or

nonfcsadmin

in secure mode.

An account cannot change its own role.
You can change the role name of a user-defined account only with a

lower level of authorization.

-d

description

Is an optional argument; the account description. The description field

can be up to 40 printable ASCII characters. The following characters are

not allowed: asterisk (*), quotation mark (“), exclamation point (!),

semicolon (;), and colon (:).
You can change the description of a user-defined account only with a

lower level of authorization.

-e

Is an optional argument; enter

yes

to enable the account or enter

no

to

disable it. If you disable an account, all active CLI sessions for that

account are logged out. You can enable or disable user-defined or

default accounts.