Chapter 26 User/Group

Table 135 username/groupname Commands Summary: Settings (continued)

COMMAND

DESCRIPTION

users default-setting [no] user-type <admin

Sets the default reauthorization time (in minutes) for each type of

ext-userguestlimited-adminuserext-group-

new user. Set it to zero for unlimited reauthorization time. The no

user> logon-re-auth-time <0..1440>

command sets the default reauthorization time to thirty.

show users retry-settings

Displays the current retry limit settings for users.

[no] users retry-limit

Enables the retry limit for users. The no command disables the

 

retry limit.

[no] users retry-count <1..99>

Sets the number of failed login attempts a user can have before the

 

account or IP address is locked out for lockout-period minutes. The

 

no command sets the retry-count to five.

[no] users lockout-period <1..65535>

Sets the amount of time, in minutes, a user or IP address is locked

 

out after retry-count number of failed login attempts. The no

 

command sets the lockout period to thirty minutes.

show users simultaneous-logon-settings

Displays the current settings for simultaneous logins by users.

[no] users simultaneous-logon {administration

Enables the limit on the number of simultaneous logins by users of

access} enforce

the specified account-type. The no command disables the limit, or

 

allows an unlimited number of simultaneous logins.

[no] users simultaneous-logon {administration

Sets the limit for the number of simultaneous logins by users of the

access} limit <1..1024>

specified account-type. The no command sets the limit to one.

show users update-lease-settings

Displays whether or not access users can automatically renew their

 

lease time.

[no] users update-lease automation

Lets users automatically renew their lease time. The no command

 

prevents them from automatically renewing it.

show users idle-detection-settings

Displays whether or not users are automatically logged out, and, if

 

so, how many minutes of idle time must pass before they are

 

logged out.

 

 

[no] users idle-detection

Enables logging users out after a specified number of minutes of

 

idle time. The no command disables logging them out.

[no] users idle-detection timeout <1..60>

Sets the number of minutes of idle time before users are

 

automatically logged out. The no command sets the idle-detection

 

timeout to three minutes.

26.2.3.1 User Setting Command Examples

The following commands show the current settings for the number of simultaneous logins.

Router# configure terminal

Router(config)# show users simultaneous-logon-settings

enable

simultaneous

logon

limitation

for

administration account:

yes

maximum simultaneous logon per

administration account

:

1

enable

simultaneous

logon

limitation

for

access account

:

yes

maximum simultaneous logon per

access account

:

3

232

 

ZyWALL (ZLD) CLI Reference Guide