Cisco Cisco Packet Data Interworking Function (PDIF) トラブルシューティングガイド
Global Configuration Mode Commands
▀ local-user username
▄ Cisco ASR 5000 Series Command Line Interface Reference
OL-22948-01
The ability to configure administrative local-users is provided in support of the login security mechanisms
specified in ANSI T1.276-2003.
Like administrative users configured at the context level, local-users can be assigned one of 4 security levels:
specified in ANSI T1.276-2003.
Like administrative users configured at the context level, local-users can be assigned one of 4 security levels:
Local-User Level User
Context Level User
Security Administrator Administrator
Administrator
Config-Administrator
Operator
Operator
Inspector
Inspector
Local-user configuration support is handled differently from that provided for administrative users configured
at the context level.
Context-level administrative users rely on the system‘s AAA subsystems for validating user names and
passwords during login. This is true for both administrative user accounts configured locally through a
configuration file or on an external RADIUS server. Passwords for these user types are assigned once and are
accessible in the configuration file.
Local-user account information (passwords, password history, lockout states, etc.) is maintained in non-
volatile memory on the CompactFlash module and in the software‘s Shared Configuration Task (SCT). This
information is maintained in a separate file--not in configuration files used by the system. As such, the
configured local-user accounts are not visible with the rest of the system configuration.
Local-user and context-level administrative accounts can be used in parallel.
at the context level.
Context-level administrative users rely on the system‘s AAA subsystems for validating user names and
passwords during login. This is true for both administrative user accounts configured locally through a
configuration file or on an external RADIUS server. Passwords for these user types are assigned once and are
accessible in the configuration file.
Local-user account information (passwords, password history, lockout states, etc.) is maintained in non-
volatile memory on the CompactFlash module and in the software‘s Shared Configuration Task (SCT). This
information is maintained in a separate file--not in configuration files used by the system. As such, the
configured local-user accounts are not visible with the rest of the system configuration.
Local-user and context-level administrative accounts can be used in parallel.
Example
The following command configures a security-administrator level local-user administrative account for a user named
User672 that has FTP privileges, a temporary password of abc123, and that does not lockout due to either login attempt
failures or password aging:
The following command configures a security-administrator level local-user administrative account for a user named
User672 that has FTP privileges, a temporary password of abc123, and that does not lockout due to either login attempt
failures or password aging:
The following command deletes a previously configured local-user administrative account called admin32: