Cisco Systems MGX 8220 User Accounts and Privilege Levels

3-7

Cisco MGX 8220 Installation and Configuration

Release 5.0, Part Number 78-6430-03 Rev. D0, November 2003

Chapter User Accounts and Privilege Levels

User Accounts and Privilege Levels

The Cisco MGX8220 includes built-in security features to pre v ent unaut ho ri zed u se of t he syst e m. The

security features require that e ach u ser o n th e sy s te m h ave a valid account (specified by a userID),

password, and privilege leve l.

The combination of account, password, and privilege level determines which commands the user can

enter.

The account (userID) and privilege level ar e ass igned using the adduser command. There is a de fau lt

password which is used the first ti me a user logs in. When logge d in, the user can change the passw ord

to a personal password wi th the cnfpwd configure password command.

This section describes the following topics:

•Accounts, page 3-7

•Privilege Levels, page 3-7

•Passwords, page 3-7

Each user is assigned an account (u serID), which is specified as a paramet er in the adduser command.

The userID consists of up to 12- al p han u mer ic characters including letters, num b er s, a hy p he n, an d an

underscore. UserIDs are case sen sit ive.

When a user attempts to log in , t he s y stem prompts for a valid userID.

The Cisco MGX 8220 shelf permits one sup erviso r accou nt and 63 us er ac counts. The Cis co MGX8220

shelf ships with a preconfigured superuser account.

Each account is assigned a privilege level when the account is established with the adduser command.

Only an established user can en te r th e adduser command to open a new account. The account you

create can only have a privilege level at th e s a m e or l ower l evel than your own privilege level.

All commands have an assign ed privilege level. A command can only be enter by a user whose pr ivilege

level is equal to or above the privilege level of the comm and. There is one superuser privilege level an d

six user levels designated 1 to 6 (with 1 being the highest).

A default password is used the fi rst ti m e use rs log in. When users are logged o n , th ey can change the

password entering the cnfpwd command.

The password must consist of 6 to 1 5 ch ar act er s. O n ly l ett er s , n u mb er s, a hyphen, an underscore, and

spaces are allowed. The password is case sensitive. For security, the password is not displayed as it is

entered.

When a user attempts to log in, the system prompts for a valid password after the userID prompt has

been entered. The user must respon d w it h th e ac count’s valid password.