Switch 7700 Configuration Guide
Configuring the AAA and RADIUS Protocols 189
Creating a Local User
A local user is a group of users set on NAS. The username is the unique identifier
of a user. A supplicant requesting network service may use local authentication
only if its corresponding local user has been added onto NAS.
Perform the following configurations in system view.
By default, there is no local user in the system.
Setting Attributes of a Local User
The attributes of a local user include its password, state, service type and some
other settings.
Perform the following configurations in system view.
Where, auto means that the password display mode will be the one specified by
the user at the time of configuring password (see the password command in the
following table for reference), and cipher-force means that the password display
mode of all the accessing users must be in cipher text.
Perform the following configurations in local user view.
Tabl e 14 Create/Delete a Local User and Relevant Properties
Operation Command
Add local users local-user user-name
Delete all the local users undo local-user all
Delete a local user by
specifying its type
undo local-user {user-name | all [service-type {lan-access |
ftp | telnet}]}
Tabl e 15 Set the Method that a Local User Uses to Set Password
Operation Command
Set the method that a local
user uses to set password
local-user password-display-mode { cipher-force | auto}
Cancel the method that the
local user uses to set password
undo local-user password-display-mode
Tabl e 16 Set/Remove the Attributes Concerned with a Specified User
Operation Command
Set a password for a specified
user
password {simple | cipher} password
Remove the password set for
the specified user
undo password
Set the state of the specified
user
state {active | block}
Disable the state of the
specified user
undo state {active | block}
Set a service type for the
specified user
service-type { telnet [level level] | ftp [ftp-directory
directory ] | lan-access}
Cancel the service type of the
specified user
undo service-type {telnet [ level] | ftp [ftp-directory] |
lan-access}