Reference Guide
Parameters seconds — Enter the timeout period used to wait for an authentication response from a TACACS+ server (1 to
1000 seconds).
Default 5 seconds
Command Mode CONFIGURATION
Usage Information The no version of this command resets the TACACS+ server timeout to the default.
Example
OS10(config)# tacacs-server timeout 360
Supported Releases 10.4.0E(R2) or later
username password role
Creates an authentication entry based on a user name and password, and assigns a role to the user.
Syntax
username username password password role role
Parameters
• username username — Enter a text string (up to 32 alphanumeric characters; 1 character minimum).
• password password — Enter a text string (up to 32 alphanumeric characters; 9 characters minimum).
• role role — Enter a user role:
– sysadmin — Full access to all commands in the system, exclusive access to commands that manipulate
the le system, and access to the system shell. A system administrator can create user IDs and user roles.
– secadmin — Full access to conguration commands that set security policy and system access, such as
password strength, AAA authorization, and cryptographic keys. A security administrator can display security
information, such as cryptographic keys, login statistics, and log information.
– netadmin — Full access to conguration commands that manage trac owing through the switch,
such as routes, interfaces, and ACLs. A network administrator cannot access conguration commands for
security features or view security information.
– netoperator — Access to EXEC mode to view the current conguration. A network operator cannot
modify any conguration setting on a switch.
Default
• User name and password entries are in clear text.
• There is no default user role.
Command Mode CONFIGURATION
Usage Information
• By default, the password must be at least nine alphanumeric characters. You can enter special characters, such
as:
! # % & ' ( ) ; < = > [ ] * + - . / : ^ _
Enter the password in clear text. It is converted to SHA-512 format in the running conguration. For backward
compatibility with OS10 releases 10.3.1E and earlier, passwords entered in MD-5, SHA-256, and SHA-512 format
are supported.
•
To increase the required password strength, use the password-attributes command.
• The no version of this command deletes authentication for a user.
Example
OS10(config)# username user05 password newpwd404 role sysadmin
Supported Releases 10.2.0E or later
474 System management