beautypg.com

H3C Technologies H3C S6300 Series Switches User Manual

Page 35

background image

20

Step Command

Remarks

4.

Assign services to the local
user.

For a network access user:
service-type { lan-access |

portal }

For a device management user:

{

In non-FIPS mode:

service-type { ftp | { http |
https | ssh | telnet |

terminal } * }

{

In FIPS mode:

service-type { https | ssh |

terminal } *

By default, no service is authorized to
a local user.

5.

(Optional.) Place the local
user to the active or

blocked state.

state { active | block }

By default, a created local user is in
active state and can request network
services.

6.

(Optional.) Set the upper
limit of concurrent logins

using the local user name.

access-limit max-user-number

By default, the number of concurrent
logins is not limited for the local user.
This command takes effect only when
local accounting is configured for the

local user. It does not apply to FTP,

SFTP, or SCP users, who do not
support accounting.

7.

(Optional.) Configure

binding attributes for the
local user.

bind-attribute { ip ip-address |
location interface interface-type
interface-number | mac

mac-address | vlan vlan-id } *

By default, no binding attribute is
configured for a local user.
Binding attribute ip applies only to
LAN users using 802.1X.
Binding attributes location, mac, and

vlan apply only to LAN and portal
users.

8.

(Optional.) Configure
authorization attributes for

the local user.

authorization-attribute { acl
acl-number | user-role role-name |

vlan vlan-id | work-directory

directory-name } *

The following default settings apply:

FTP, SFTP, and SCP users have the

root directory of the NAS set as

the working directory. However,
the users do not have permission

to access the root directory.

The network-operator user role is

assigned to local users that are

created by a network-admin or

level-15 user.

For LAN and portal users, only the
settings for acl and vlan take effect.
For HTTP, HTTPS, Telnet, and
terminal users, only the setting for

user-role takes effect.
For SSH and FTP users, only the
settings for user-role and

work-directory take effect.
For other types of local users, no

authorization attribute takes effect.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: