Cisco Cisco Packet Data Interworking Function (PDIF) Guía Para Resolver Problemas
Software Management Operations
Managing Local-User Administrative Accounts ▀
Cisco ASR 5000 Series System Administration Guide ▄
OL-22969-02
Managing Local-User Administrative Accounts
Unlike context-level administrative accounts which are configured via a configuration file, information for local-user
administrative accounts is maintained in a separate file on the CompactFlash and managed through the software‘s
Shared Configuration Task (SCT). Because local-user accounts were designed to be compliant with ANSI T1.276-2003,
the system provides a number of mechanisms for managing these types of administrative user accounts.
administrative accounts is maintained in a separate file on the CompactFlash and managed through the software‘s
Shared Configuration Task (SCT). Because local-user accounts were designed to be compliant with ANSI T1.276-2003,
the system provides a number of mechanisms for managing these types of administrative user accounts.
Configuring Local-User Password Properties
Local-user account password properties are configured globally and apply to all local-user accounts. The system
supports the configuration of the following password properties:
supports the configuration of the following password properties:
Complexity: Password complexity can be forced to be compliant with ANSI T1.276-2003.
History length: How many previous password versions should be tracked by the system.
Maximum age: How long a user can use the same password.
Minimum number of characters to change: How many characters must be changed in the password during a
reset.
Minimum change interval: How often a user can change their password.
Minimum length: The minimum number of characters a valid password must contain.
Refer to the
command in the Global Configuration Mode chapter of the Command Line
Interface Reference for details on each of the above parameters.
Configuring Local-User Account Management Properties
Local-user account management includes configuring account lockouts and user suspensions.
Local-User Account Lockouts
Local-user accounts can be administratively locked for the following reasons:
Login failures: The configured maximum login failure threshold has been reached. Refer to the
command in the Global Configuration Mode chapter of the Command Line Interface
Reference for details
Password Aging: The configured maximum password age has been reached. Refer to the
command in the Global Configuration Mode chapter of the Command Line Interface Reference for
details.