Cisco Systems SMC-127 manual Configuring a Username and Password for a Non-Owner SDR, SMC-157

Page 31

Configuring Secure Domain Routers on Cisco IOS XR Software

How to Configure Secure Domain Routers

 

Command or Action

Purpose

 

 

 

Step 4 end

Saves configuration changes.

 

or

When you issue the end command, the system prompts

 

 

 

commit

you to commit changes:

 

 

Uncommitted changes found. Commit them?

 

Example:

Entering yes saves configuration changes to the

 

RP/0/RP0/CPU0:router (admin-config)# end

running configuration file, exits the configuration

 

or

session, and returns the router to EXEC mode.

 

 

 

RP/0/RP0/CPU0:router(admin-config)# commit

Entering no exits the configuration session and

 

 

 

 

returns the router to EXEC mode without

 

 

committing the configuration changes.

 

 

Entering cancel leaves the user in the same

 

 

command mode without committing the

 

 

configuration changes.

 

 

Use the commit command to save the configuration

 

 

changes to the running configuration file and remain

 

 

within the configuration session.

 

 

 

Configuring a Username and Password for a Non-Owner SDR

After you create an SDR, you can create a username and password on that SDR. When you assign root-lr privileges to that username, the user can administer the non-owner SDR and create additional users if necessary.

Note Only users with root-system privileges can access Administration modes to add or remove SDRs. SDR users cannot add or remove SDRs.

To create a username and password for the new non-owner SDR.

1.On the owner SDR, enable admin plane authentication. This allows you to log in to the non-owner SDR and create local usernames and passwords.

2.Log in to the non-owner SDR.

3.Configure a new username and password on the non-owner SDR. Assign the username to the root-lr group to allow the creation of additional usernames on that SDR.

4.To verify the new username, log out and log back in to the non-owner SDR using the new username and password.

5.Provide the username and password to the SDR user.

Complete the following steps to create usernames and passwords on a non-owner SDR.

SUMMARY STEPS

1.Connect a terminal to the console port of the DSC (DSDRSC of the owner SDR).

2.admin

3.configure

4.aaa authentication login remote local

Cisco IOS XR System Management Configuration Guide

SMC-157

Page 30 Page 32
Image 31
Page 30 Page 32
Contents Contents Configuring Secure Domain Routers on Cisco IOS XR SoftwareSMC-128 Prerequisites for Configuring Secure Domain RoutersSMC-129 Information About Configuring Secure Domain RoutersWhat Is a Secure Domain Router? Owner SDR and Administration Configuration ModeSMC-130 SDR Access PrivilegesNon-Owner SDRs Root-System UsersOther SDR Users Root-lr UsersSMC-131 DSCs and DSDRSCs in a Cisco CRS-1 Router Designated Secure Domain Router System Controller DsdrscSMC-132 SMC-133 DSC and DSDRSCs in a Cisco XR 12000 Series RouterSMC-134 SMC-135 Default Configuration for New Non-Owner SDRsRemoving a Dsdrsc Configuration Default Software Profile for SDRsDsdrsc Redundancy Fault IsolationRebooting an SDR High Availability ImplicationsSMC-137 Cisco IOS XR Software Package ManagementSMC-138 DSC Migration on Cisco CRS-1 Multishelf SystemsSMC-139 CaveatsContents How to Configure Secure Domain RoutersCreating SDRs SMC-141 Summary StepsExample Command or Action PurposeSMC-142 SMC-143 To assign a DRP pair as the DsdrscTo assign a single DRP node as the Dsdrsc To assign an RP pair as the DsdrscSMC-144 To add a single nodeTo add a DRP pair To add an RP pairSMC-145 Creating SDRs in a 12000 Series RouterSMC-146 DSDRSCs in a Cisco XR 12000 Series Router section onSee the DSC and DSDRSCs in a Cisco XR 12000 Series Router section on page SMC-133SMC-147 Refer to the Adding Nodes to a Non-Owner SDR sectionAdding Nodes to an SDR in a Cisco CRS-1 Router Adding Nodes to a Non-Owner SDRSMC-148 SMC-149 Creating SDRs in a Cisco CRS-1 RouterSMC-150 Adding Nodes to an SDR in a Cisco XR 12000 Series RouterA Cisco XR 12000 Series Router section on Removing Nodes and SDRsSMC-151 SMC-152 To remove an RP pair To remove a DsdrscTo remove a single node To remove a DRP pairSMC-154 Section on page SMC-150 Nodes to an SDR in a Cisco XR 12000 Series RouterSMC-155 SMC-156 Removing a Secure Domain RouterSMC-157 Configuring a Username and Password for a Non-Owner SDRSMC-158 Group root-lr End or commit ExitSMC-159 System Security Configuration Guide for moreSMC-160 See Disabling Remote Login for SDRs, page SMC-161for Disabling Remote Login for SDRsSMC-161 SMC-162 Configuration Examples for Secure Domain RoutersCreating a New SDR on a Cisco CRS-1 Router Creating an SDR on a Cisco XR 12000 Series RouterSMC-163 MIBs Additional ReferencesRelated Documents StandardsDescription Link RFCsTechnical Assistance RFCs TitleSMC-166
Top Page Image Contents