Manualshelf

HP Intelligent Management Center v5.1 TACACS+ Authentication Manager Administrator Guide

ManualsBrandsHP ManualsComputer AccessoriesHP IMC TACACS+ Authentication Manager additional 500-node E-LTU
71727374757677787980
70
The period of time is determined by the TAM system parameter Cancelled User Lifetime. After the
specified period elapses, the device user information is completely deleted from the TAM. For more
information about TAM system parameters, see "Configuring system parameters."
To view cancelled device users in TAM, go to the advanced query page of device users, and then select
Cancelled from the Status list, use the default setting of other parameters, and click Query.For more
information about advanced query for device users, see "Querying device users."
To batch cancel device users:
1. Click the User tab.
2. Select Device User View > All Device Users from the navigation tree.
The Device User List displays all device users.
3. Select the boxes to the left of the account names of the device users that you want to cancel, or click
the box before Account Name to select all device users, and then click Batch Cancel.
4. Click OK.
The operation result page displays the number of device users successfully cancelled and that
failed to be cancelled. If there is a failure, click Download to view or save the error logs. An error
log records the reason for a user cancelling failure.
Configuring the blacklist user function
To protect valid users and avoid invalid logins, TAM provides the blacklist user function.
Blacklist users are not allowed login to devices. A device user can be added to the blacklist in the
following ways:
Manually blacklistedWhen an operator finds that a device user may bring risks to the device by
analyzing the user logs, the operator can manually add the device user to blacklist. Manually
blacklisted users cannot be automatically removed from the blacklist. They can only be removed
from the blacklist manually by operators.
Automatically blacklistedIf a user consecutively uses the same account name but wrong
passwords to log in to a device, TAM considers the user is trying to crack the account and adds the
user to the blacklist. Such blacklist users can be automatically removed from the blacklist the next
morning, or be removed from the blacklist manually by operators.
NOTE:
The maximum number of consecutive authentication attempts permitted for a device user with incorrect
passwords is determined by the TAM system parameter Max. Authentication Attempts. For more
information about TAM system parameters, see "Configuring system parameters."
You can perform the following blacklist operations:
View the blacklist user list and key information about blacklist users.
Query blacklist users by specific criteria.
View detailed information about blacklist users.
Add device users to the blacklist.
Remove device users from the blacklist.