Cisco Cisco Expressway Maintenance Manual
■
You can add additional local administrator accounts which can be used to access the Expressway using the
web and API interfaces only.
web and API interfaces only.
■
Remotely managed administrator accounts can be used to access the Expressway using the web and API
interfaces only.
interfaces only.
page
(Users > Password security). All passwords and usernames are case sensitive.
Note that:
■
and can be used as an audit trail. This is particularly useful when you have multiple administrator accounts.
■
More than one administrator session can be running at the same time. These sessions could be using the web
interface, command line interface, or a mixture of both. This may cause confusion if each administrator
session attempts to modify the same configuration settings - changes made in one session will overwrite
changes made in another session.
interface, command line interface, or a mixture of both. This may cause confusion if each administrator
session attempts to modify the same configuration settings - changes made in one session will overwrite
changes made in another session.
■
).
section for more information.
Root account
The Expressway provides a root account which can be used to log in to the Expressway operating system. The root
account should not be used in normal operation, and in particular system configuration should not be conducted
using this account. Use the admin account instead.
account should not be used in normal operation, and in particular system configuration should not be conducted
using this account. Use the admin account instead.
section for more information.
Note:
remember to change the passwords for the admin and root accounts from their default values.
Configuring Password Security
passwords must meet a minimum level of complexity before they are accepted.
If Enforce strict passwords is set to On, all subsequently configured local administrator account passwords must
conform to the following rules for what constitutes a strict password.
conform to the following rules for what constitutes a strict password.
If Enforce strict passwords is set to Off, no extra checks are made on local administrator account passwords.
Notes:
■
You can never set a blank password for any administrator account, regardless of this setting.
■
This setting affects only local administrator account passwords. It does not affect any other passwords used
on the Expressway, such as in the local authentication database, LDAP server, external registration
credentials, user account passwords, or administrator account passwords stored on remote credential
directories.
on the Expressway, such as in the local authentication database, LDAP server, external registration
credentials, user account passwords, or administrator account passwords stored on remote credential
directories.
■
All passwords and usernames are case sensitive.
Non-configurable rules for strict passwords
The following password rules always apply when Enforce strict passwords is set to On. There is no way to configure
them:
them:
■
Avoid multiple instances of the same characters (non-consecutive instances are checked)
■
Avoid three or more consecutive characters such as "abc" or "123"
■
Avoid dictionary words, or reversed dictionary words
■
Avoid palindromes, such as "risetovotesir"
170
Cisco Expressway Administrator Guide
User Accounts