HP VPN Firewall Appliances Getting Started Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

111

112

113

114

115

116

117

118

119

120

105

Managing users

Local users are a set of user attributes configured on the local device. A local user is uniquely identified

by username. To enable users using a certain network service to pass the local authentication, you must

configure accounts for the users to the local user database on the device.

A local user has the following attributes:

• Username

• User password

• User privilege level

• Service type that the user can use

• Virtual device to which the user belongs

Managing user levels

User levels, from low to high, are visitor, monitor, configure, and management. A user with a higher

level has all the operating rights of a lower level.

• Visitor—Users of this level can perform ping and traceroute operations, but can neither access the

device data nor configure the device.

• Monitor—Users of this level can only access the device data but cannot configure the device.

• Configure—Users of this level can access data from the device and configure the device, but they

cannot upgrade the host software, add/delete/modify users, or back up/restore the application

file.

• Management—Users of this level can perform any operations for the device.

The previously mentioned user levels apply to users using root virtual devices only.

Configuring a user privilege level

If the authentication mode on a user interface is scheme, configure a user privilege level for the user

interface's users through the AAA module or directly on the user interface. For SSH users who use

public-key authentication, the user privilege level configured directly on the user interface always takes

effect. For other users, the user privilege level configured in the AAA module has priority over the one

configured directly on the user interface.

If the authentication mode on a user interface is none or password, configure the user privilege level

directly on the user interface.

For more information about user login authentication, see "Logging in to the CLI." For more information

about AAA and SSH, see Access Control Configuration Guide.

Configuring a user privilege level for users through the AAA module

Ste

Command

Remarks

1. Enter system view.

system-view N/A