Dell POWEREDGE M1000E User Manual

Controlling Management Access

235

The password lockout feature disables local access to the switch for a given

user name if the user fails to supply the correct password within the

configured number of attempts. Failed attempts to log on do not need to

close together in time; consecutive login failures separated by extensive time

periods can still cause a user to be locked out. The failed attempt count for a

user name is reset upon successfully logging on to the switch or rebooting or

resetting the switch.
The configuration example in this section shows how to configure password

lockout for a user with the user name abc on the serial port. This example

requires a few extra steps because the serial port, by default, does not have an

access method that enables password lockout. By default, Telnet and SSH

access methods have password lockout enabled through the networkList

authentication method. With the exception of the line console command,

the steps in this example are similar to the steps required for enabling lockout

for a user on the out-of-band port.
To configure the switch:

1 Create a local user

console#configure

console(config)#username abc password password

2 Configure the lockout policy globally and specify that the user can attempt

to enter a password three times before being locked out.

console(config)#passwords lock-out 3

console(config)#exit

3 View information about the users in the local database.

console#show users accounts

UserName Privilege Password Password Lockout

Aging Expiry date

-------- --------- -------- -------------------- --------

abc

1 --- --- False

admin

15 --- --- False