beautypg.com

Configuring user group attributes – H3C Technologies H3C SecBlade LB Cards User Manual

Page 65

background image

54

Configuring user group attributes

User groups simplify local user configuration and management. A user group comprises a group of local

users and has a set of local user attributes. You can configure local user attributes for a user group to
implement centralized user attributes management for the local users in the group. Configurable user

attributes include password control attributes and authorization attributes.
By default, every newly added local user belongs to the default user group system and bears all attributes

of the group. To assign a local user to a different user group, use the user-group command in local user
view.
To configure attributes for a user group:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Create a user group and enter
user group view.

user-group group-name

N/A

3.

Configure password control
attributes for the user group.

Set the password aging time:

password-control aging

aging-time

Set the minimum password

length:
password-control length length

Configure the password

composition policy:
password-control composition

type-number type-number

[ type-length type-length ]

Optional.
By default, user group uses global
settings, including a 90-day

password aging time, a minimum

password length of 10 characters,

and at least one password
composition type and at least one

character required for each

password composition type.
For more information about
password control attribute

commands, see Security

Command Reference.

4.

Configure authorization

attributes for the user group.

authorization-attribute { level level
| work-directory directory-name }
*

Optional.
By default, no authorization

attribute is configured for a user
group.

5.

Set the guest attribute for the
user group.

group-attribute allow-guest

Optional.
By default, the guest attribute is not
set for a user group, and guest

users created by a guest manager

through the Web interface cannot
join the group.

Displaying and maintaining local users and local user groups

Task Command

Remarks

Display local user
information.

display local-user [ vd vd-name ] [ service-type { ftp | ssh |
telnet | terminal | web } | state { active | block } |

user-name user-name ] [ | { begin | exclude | include }
regular-expression ]

Available in any
view.

Display the user group
configuration.

display user-group [ group-name ] [ | { begin | exclude |
include } regular-expression ]

Available in any
view.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: