beautypg.com

H3C Technologies H3C SecBlade LB Cards User Manual

Page 64

background image

53

Step Command

Remarks

4.

Assign service types for the
local user.

service-type { ftp | { ssh | telnet |
terminal } * | web }

By default, no service is authorized to a
local user.

5.

Place the local user to the

active or blocked state.

state { active | block }

Optional.
By default, a created local user is in

active state and can request network
services.

6.

Set the maximum number

of concurrent users of the

local user account.

access-limit max-user-number

Optional.
By default, there is no limit to the
maximum number of concurrent users

of a local user account.
The limit is effective only for local
accounting, and is not effective for FTP

users.

7.

Configure password
control attributes for the

local user.

Set the password aging time:

password-control aging

aging-time

Set the minimum password

length:

password-control length
length

Configure the password

composition policy:
password-control composition

type-number type-number

[ type-length type-length ]

Optional.
By default, local user uses password

control attributes of the user group to
which the local user belongs, and uses

the global setting for any password

control attribute that is not configured
in the user group. The global settings

include a 90-day password aging time,

a minimum password length of 10
characters, and at least one password

composition type and at least one

character required for each password
composition type.

8.

Configure binding
attributes for the local user. bind-attribute ip ip-address

Optional.
By default, no binding attribute is

configured for a local user.

9.

Configure authorization
attributes for the local user.

authorization-attribute { level
level | user-role { guest |
guest-manager | security-audit }

| work-directory directory-name }

*

Optional.
By default, no authorization attribute is

configured for a local user.
For SSH, terminal, and Web users,
only level is supported.
For FTP users, only level and
work-directory are supported.
For Telnet users, only level and

user-role are supported.

10.

Set the validity time of the
local user.

validity-date time

Optional.
Not set by default.

11.

Set the expiration time of
the local user.

expiration-date time

Optional.
Not set by default.

12.

Assign the local user to a
user group.

group group-name

Optional.
By default, a local user belongs to the
default user group system.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: