Local user configuration task list, Configuring local user attributes, Configuring local – H3C Technologies H3C S6300 Series Switches User Manual
Page 34: User attributes
19
You can configure a password control attribute in system view, user group view, or local user view.
A password control attribute with a smaller effective range has a higher priority. For more
information about password management and global password configuration, see "
."
Local user configuration task list
Tasks at a glance
Configuring local user attributes
(Optional.)
Configuring user group attributes
(Optional.)
Displaying and maintaining local users and local user groups
Configuring local user attributes
When you configure local user attributes, follow these guidelines:
•
When you use the password-control enable command to globally enable the password control
feature, local user passwords are not displayed.
•
You can configure authorization attributes and password control attributes in local user view or user
group view. The setting in local user view takes precedence over the setting in user group view.
To configure local user attributes:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Add a local user and enter
local user view.
local-user user-name [ class
{ manage | network } ]
By default, no local user exists.
3.
(Optional.) Configure a
password for the local
user.
•
For a network access user:
password { cipher | simple }
password
•
For a device management user:
{
In non-FIPS mode:
password [ { hash | simple }
password ]
{
In FIPS mode:
password
Network access user passwords are
encrypted with the encryption
algorithm and saved in ciphertext.
Device management user passwords
are encrypted with the hash
algorithm and saved in ciphertext.
In non-FIPS mode, a
non-password-protected user passes
authentication if the user provides the
correct username and passes
attribute checks. To enhance security,
configure a password for each local
user.
In FIPS mode, only
password-protected users can pass
authentication.