Cisco Systems OL-12180-01 Add/Edit User Account

12-9

ASDM User Guide

OL-12180-01

Chapter12 Configuring AAA Servers and User Accounts Configuring the Local Database

•VPN Group Lock—Specifieswhat, if any, group lock policy is in effect for this user. Not available

in multimode.

•Add—Displays the Add User Account dialog box.

•Edit—Displays the Edit User Account dialog box.

•Delete—Removes the selected row from the table. There is no confirmation or undo.

Modes

The following table shows the modes in which this feature is available:

Add/Edit User Account > Identity

Use this pane to specify parameters that identify the user account you want to add or change. The

changes appear in the User Accounts table as soon as you click OK.

Fields

•Username—Specifies the username for this account.

•Change user password—When editing an existing user, check this box to change the password.

–

Password—Specifies the unique password for this user. The minimum password length is 4

characters. The maximum is 32 characters. Entries are case-sensitive. The field displays only

asterisks.

To protect security, we recommend a password length of at least 8 characters.

–

ConfirmPassword—Asks you to re-enter the user password to verify it. The field displays only

asterisks.

•User authenticated using MSCHAP—Specifiesthat the password will be converted to unicode and

hashed using MD4 after you enter it. Use this option if users are authenticated using MSCHAPv1

or MSCHAPv2

•Member-of—Specifies the VPN groups that the user belongs to.

–

Member-of—Enter the name of a VPN group.

–

Add—Adds the VPN group to the list.

–

Delete—Deletes a VPN group from the list.

•AccessRestriction—This section sets the management access level for a user. Youmust first enable

management authorization using the Perform authorization for exec shell access option on the

Configuration > Device Management > Users/AAA > AAA Access > Authorization tab.

–

Full Access (ASDM, Telnet, SSH and console)—If you configure authentication for

management access using the local database (see the “Configuring Authentication for CLI,

ASDM,and enable command Access” section on page 13-27),then this option lets the user use

ASDM,SSH, Telnet, and the console port. If you also configure enable authentication, then the

user can access global configuration mode.

Firewall Mode Security Context

Routed Transparent Single

Multiple

Context System

••••—