Handbook

ManualsBrandsNEC ManualsBlade ServersNEC N8406-026 10Gb L3 Switch

Error! Use the Home tab to apply 見出し 1 to the text that you want to appear here. 30

User access control

The switch allows an administrator to define end user accounts that permit end users to perform limited

actions on the switch. Once end user accounts are configured and enabled, the switch requires

username/password authentication.

The administrator defines access levels for each switch user, as shown in the following table.

Table 6 User access levels

User

account

Description

Password

admin

The Administrator has complete access to all menus, information, and

configuration commands on the switch, including the ability to change

both the user and administrator passwords.

admin

oper

The Operator manages all functions of the switch. The Operator can

reset ports or the entire switch.

oper

user

The User can view all switch status information and statistics but

cannot make any configuration changes to the switch.

user

Passwords can be up to 128 characters in length for TACACS+, Telnet, SSH, console, and BBI access.

When RADIUS authentication is used, the maximum password length is 16 characters.

If RADIUS authentication is used, the user password on the Radius server will override the user password on

the switch. Also note that the password-change command on the switch modifies only the ―use switch‖

password and has no effect on the user password on the Radius server. RADIUS authentication and user

password cannot be used concurrently to access the switch.

Setting up user IDs

The administrator can configure up to 10 user accounts.

To configure an end-user account, perform the following steps:

1. Select a user ID to define.

>> # /cfg/sys/access/user/uid 1

2. Define the user name and password.

>> User ID 1 # name jane (Assign name “jane” to user ID 1)

Current user name:

New user name: jane

3. Define the user access level. By default, the end user is assigned to the user access level. To change

the user‘s access level, enter the user Class of Service (cos) command, and select one of the

available options.

>> User ID 1 # cos <user|oper|admin>

4. Enable the user ID.

>> # /cfg/sys/access/user/uid <#>/ena

Once an end user account is configured and enabled, the user can login to the switch using the

username/password combination. The level of switch access is determined by the user CoS for the

account. The CoS corresponds to the user access levels described in the User access levels table.