username
Use this command to add a user or to change a user password.
The role parameter maps to privilege levels in the TACACS
Terminal Access Controller Access Control System+ server as shown in the table below.
|
Role |
Privilege level |
|
Network administrator |
15 |
|
Network engineer |
14 |
|
Network operator |
1 to 13 |
|
Network user |
0 or greater then 15 |
Use the no form of this command to remove a user.
Command Syntax
username USERNAME
username USERNAME password (encrypted|) PASSWORD
username USERNAME role (network-admin|network-engineer|network-operator|network-user)
username USERNAME role (network-admin|network-engineer|network-operator|network-user) password (encrypted|) PASSWORD
username disable-default
no username disable-default
no username USERNAMEParameters
USERNAME
User name; length 2-15 characters
encrypted
Encrypted password
PASSWORD
Password; length: 8-32 characters. Password must contain at least:
- One uppercase letter
- One lowercase letter
- One digit
- One special character (acceptable special characters: ~`!@#$%^&*(){}'[],.\"</\+-_:; ) ,
The following characters are not acceptable in passwords: '=?|>
network-admin
Network administrator role with all access permissions that can make permanent changes to the configuration. Changes persist after a reset/reboot of the switch.
Only network administrators can manage other users with the enable password, Authentication, Authorization and Accounting, RADIUS Commands, and TACACS+ Commands.
network-engineer
Network engineer role with all access permission that can make permanent changes to the configuration. Changes persist after a reset/reboot of the switch.
network-operator
Network operator role with all access permissions that can make temporary changes to the configuration. Changes do not persist after a reset/reboot of the switch.
network-user
Network user role with access permissions to display the configuration, but cannot change the configuration.
disable-default
This option is used to disable the implicit configuration of default user by the system. This command can be executed only by users with “network-admin” privileges. When this option is configured, explicit configuration of default user will be rejected. If default-user is explicitly configured using “username” CLI, it should be removed using “no username USERNAME” before configuring “disable-default”.
Default
None
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#username fred_smith password Fred123$