Casio ACS V6000 manual User groups, To configure password rules, Admin group

Page 45

40ACS v6000 Installation/Administration/User Guide

•Warning Days: Enter the number of days that a warning is issued to the user prior to expiration. Entering 0 will cause the warning to be issued on the expiration day. A negative value or no value means that no warning will be issued.

7.Enter the desired Account Expiration date (YYYY-MM-DD).

8.Click Save.

To configure password rules:

1.Click Users - Local Accounts - Password Rules.

2.If password complexity is desired (recommended), make sure Check Password Complexity is selected.

3.If password complexity is enabled, enter the desired values for password complexity.

4.Enter the desired values for Default Expiration.

5.Click Save.

User groups

User groups are given access and authorizations either by default or as assigned by an administrator. Administrators can alter the permissions and access rights of users belonging to the appliance-admin or user groups or create additional groups with custom permissions and access rights. Administrators can add, delete or modify permissions and access rights for users from any group at any time.

If an administrator configures the virtual console server to restrict user access to ports, the administrator can assign users to groups that are authorized for port access. The administrator can also authorize groups for data buffer management.

This document and the software refer to users whose accounts are configured on remote authentication servers as remote users. Remote users do not need local accounts.

Radius, TACACS+ and LDAP authentication services allow group configuration. If a remote user is configured as a member of a remote group, the authentication server provides the group name to the virtual console server when it authenticates the user. A local group by the same name must also be configured on the virtual console server. If an authentication server authenticates a remote user but does not return a group, then the remote user is, by default, assigned to the user group.

admin group

Members of the admin group have full administrative privileges that cannot be changed, the same access and configuration authorizations as the default admin user. Administrators can

Image 45

Contents ACS Page ACS B L E of C on TE N TS Iii ACS v6000 Installation/Administration/User Guide Access options Features and BenefitsWeb Manager IPv4 and IPv6 supportFlexible users and groups Security AuthenticationVPN based on IPSec with NAT traversal Packet filteringAuto discovery Data logging, notifications, alarms and data bufferingACS v6000 virtual console server requirements To create the virtual machine using the vSphere clientPage Using Telnet or SSH # telnet hostname IPaddress To use Telnet to connect to a device through a serial portTo close a Telnet session To use SSH to connect to a device through a serial portTo close an SSH session ACS v6000 Installation/Administration/User Guide To log into the web manager Web Manager Overview for AdministratorsWizard Mode Wizard Screen To configure network parameters To configure licensesTo configure Ports Access Expert ModeTo configure users and change the default user passwords To view and connect to devices using the web managerSystem Tools SystemSecurity profiles To configure the Security Profile To configure DSView 3 software security settingsSelect System Security Security Profile Help and Language Date and TimeVM Settings InformationUsage To configure a vCenter To add an association by DatacenterVCenter To power control targets using the web manager NetworkLicense To configure a network device SettingsDevices IPv4 and IPv6 static routesHosts Configuring the firewallFirewall To add a hostTo add a chain Protocol optionsIPSecVPN To change the policy for a default chainTo add a rule To edit a rulePayload or AH Authentication Header Snmp Configuration To configure SnmpClick Network Snmp Ports To enable or disable one or more serial portsSerial ports Select Ports Serial PortsCAS Ctrl-X Parameter Description To copy/clone the configuration of one port to other ports CAS ProfileAuto discovery To configure the input/output strings used by auto answer Select Probe Strings or Match StringsSelect Ports CAS Profile Auto Answer To configure a pool of CAS ports Pool of CAS portsClick Ports Pool of CAS Ports Pool of CAS Ports Parameters Parameter Description AuthenticationAuthentication servers Appliance authenticationTo set authentication for the console server To configure a Radius authentication serverSelect Authentication Authentication Servers TACACS+ To configure a TACACS+ authentication serverTo configure an Ldapsad authentication server Select Authentication Authentication Servers LdapsadTo configure an NIS authentication server To configure a Kerberos authentication serverTo configure a DSView authentication server Users Accounts and User GroupsTo add new users Local accountsClick Users Local Accounts Password Rules To configure password rulesAdmin group User groupsTo view admin Appliance Access Rights Shell-login-profile Appliance-admin groupUser group Managing user groupsTo configure a login profile for a user group Check the Enable Log-In Profile boxTo remove members from a user group To assign appliance access rights for custom user groups To add access to serial ports for a user groupTo configure a group in a Radius authentication server To configure a group in a TACACS+ authentication serverEvent Notifications Event ListEvent Destinations To configure Data Buffering Data BufferingSelect Events and Logs Data Buffering Active Sessions To configure Appliance LoggingMonitoring Appliance LoggingTo change your own password Change PasswordSelect Change Password Web Manager Overview for Regular UsersACS v6000 Installation/Administration/User Guide Configuration Appendix a BootP Configuration RetrievalAppendix B Technical Support To resolve an issueFor Technical Support