Administrator
Administrator
Context
User management includes creating a local user account (web platform user with the access type HTTP) and modifying or deleting existing user accounts.
By default, a local user named admin exists in the system. The user access types are HTTP and Terminal.
The default username and password are available in S Series Switches Default Usernames and Passwords (Enterprise Network or Carrier). If you have not obtained the access permission of the document, see Help on the website to find out how to obtain it.
Security risks exist if the user access type is set to Telnet, FTP or HTTP. You are advised to configure the required access modes only.
A simple password brings security risks. It is recommended that you change the password to a complicated one after logging in to the web network management system using the default account. A password should consist of at least 8 characters, and contain at least two types of the following: lowercase letters, uppercase letters, numerals, special characters (such as ! $ # %). The password cannot contain spaces and single quotation marks ('). In addition, the password cannot be the same as the user name or the mirror user name.
If the password configured in local user creation or modification is the same as the default password, security risk exists. To ensure device security, change the password periodically.
The user list includes information about the users whose user types are FTP, HTTP, SSH, Telnet, Terminal, or x25-pad. The access type of a created user can be FTP, HTTP, SSH, Telnet, Terminal, or x25-pad.
Procedure
- Create a user account.
Choose and click the Administrator tab, as shown in Figure 7-10.
Click Create to display the Create User page, as shown in Figure 7-11.
Table 7-5 describes the parameters for creating a user.
Table 7-5 Create User/Modify UserParameter
Description
User name
Indicates the new user name.
The user name cannot contain question marks (?) or spaces.
Old password
Indicates the current web system login password.
NOTE:This option is available only on the modification page of the current login user.
This parameter is configurable only when the Old password verification upon a password change is set to ON.
Password
Indicates the user password.
HTTP directory
Indicates the directory that HTTP users can access.
Access level
Indicates the user level.
There are two user levels in ascending order: monitoring user and management user.
Access type
Indicates the user access type.
Forced offline
Indicates whether a user is forcibly disconnected from the network.
NOTE:This parameter is only displayed on the user modification page.
SSH User Config
NOTE:This parameter is configurable only when the Access type is set to SSH.
Authentication mode
Indicates the authentication mode for an SSH user.
Service type
Indicates the service type for an SSH user.
Authorized directory
Indicates the SFTP service authorized directory for an SSH user.
Set the parameters.
Click OK.
- Modify user information.
Choose and click the Administrator tab.
Click the user account to be modified to access the Modify User page, as shown in Figure 7-12.
Table 7-5 describes the parameters for modifying user information. After the user attribute is changed, the user level is 3 for a management-level user and 1 for a monitoring-level user.
After you modify the user attribute, you need to log out and then log in again to make the modification take effect.
The user name is fixed and cannot be changed.
Set the parameters.
Click OK.
- Delete a user account.
Choose and click the Administrator tab.
Select the user account to be deleted and click Delete.
Click OK in the dialog box that is displayed.
Password Policy
Procedure
- Choose and click the Password Policy tab, as shown in Figure 7-13.
Table 7-6 describes the parameters on the page.Table 7-6 Password Policy
Item
Description
Set Password Policy for Administrator
Password policy
Whether to enable the password policy for local administrator.
History password records
Indicates the maximum number of historical passwords recorded for the local administrator.
Validity period (days)
Indicates the password validity period in number of days.
Remaining days
Indicates how long the system displays a prompt before the password expires.
Notification for initial login password change
Whether to enable the device to prompt users to change initial passwords.
Set Password Policy for Common User
Password policy
Whether to enable the password policy for local user.
History password records
Indicates the maximum number of historical passwords recorded for the local administrator. The value is an integer ranging from 0 to 12. The default value is 5.
- Set the parameters.
- Click Apply.
Online Administrator
Procedure
- Choose and click the Online Administrator tab, as shown in Figure 7-14.
- Select one or more users and click Forcible Logout to force the user or users to go offline.
