Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
161
D14049.08
November 2010
November 2010
Grey Headline (continued)
CISCO TELEPRESENCE
VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Login accounts
Maintaining administrator accounts
Default administrator account
The VCS has a default administrator account with full read-write
access. This account is used to log in to the VCS using the web
interface or the CLI. The username for this account is admin (all
lower case) and the default password is TANDBERG (all upper
case).
You cannot delete the default administrator account or change
its admin username, but you should change the password as
soon as possible. Choose a strong password, particularly if
administration over IP is enabled.
access. This account is used to log in to the VCS using the web
interface or the CLI. The username for this account is admin (all
lower case) and the default password is TANDBERG (all upper
case).
You cannot delete the default administrator account or change
its admin username, but you should change the password as
soon as possible. Choose a strong password, particularly if
administration over IP is enabled.
The default admin account is managed locally and is
always accessible, even if remote administrator account
authentication is selected.
If you forget the password for the admin account, you can
still log in as another administrator user with read-write
access and change the password for the admin account.
always accessible, even if remote administrator account
authentication is selected.
If you forget the password for the admin account, you can
still log in as another administrator user with read-write
access and change the password for the admin account.
If you do not have any other such administrator users set up, or
you have forgotten those passwords as well, it is possible to
reset the password for the admin account as long as you have
physical access to the VCS. See the section
you have forgotten those passwords as well, it is possible to
reset the password for the admin account as long as you have
physical access to the VCS. See the section
for details.
Additional administrator accounts
You can add up to 15 additional local administrator accounts.
These can be used to log in using the web interface only.
These can be used to log in using the web interface only.
The
records all login attempts and
configuration changes made using the web interface, and
can be used as an audit trail. This is particularly useful
when you have multiple administrator accounts.
can be used as an audit trail. This is particularly useful
when you have multiple administrator accounts.
!
It is possible to have more than one administrator
session running at the same time. These sessions could
be using the web interface, command line interface, or a
session running at the same time. These sessions could
be using the web interface, command line interface, or a
mixture of both. This may cause confusion if each administrator
session attempts to modify the same configuration settings
- changes made in one session will overwrite changes made in
another session.
session attempts to modify the same configuration settings
- changes made in one session will overwrite changes made in
another session.
Administrator password security
The Password security page (Maintenance > Login accounts
> Password security) lets you determine whether or not
administrator passwords and the root password must meet a
minimum level of complexity before they are accepted.
If Enforce strict passwords is set to On, all subsequently
configured administrator passwords and root passwords must
contain at least 15 ASCII characters made up of at least:
> Password security) lets you determine whether or not
administrator passwords and the root password must meet a
minimum level of complexity before they are accepted.
If Enforce strict passwords is set to On, all subsequently
configured administrator passwords and root passwords must
contain at least 15 ASCII characters made up of at least:
•
2 lowercase letters ['a'..'z']
•
2 uppercase letters ['A'..'Z']
•
2 numeric values ['0'..'9']
•
2 special characters [e.g. '@', '$']
If you change Enforce strict passwords from Off to On, you will
receive a warning if any existing administrator accounts or the
root account have passwords that do not meet the security
requirements.
If Enforce strict passwords is set to Off, no checks are made on
administrator passwords.
receive a warning if any existing administrator accounts or the
root account have passwords that do not meet the security
requirements.
If Enforce strict passwords is set to Off, no checks are made on
administrator passwords.
.
The Enforce strict passwords setting affects
administrator passwords and the password for the
administrator passwords and the password for the
only. It does not affect any other passwords
used on the VCS such as in the local authentication database,
LDAP server, outbound connection credentials or user account
passwords.
LDAP server, outbound connection credentials or user account
passwords.
•
You cannot set a blank password for any administrator
account.
account.
•
All passwords and usernames are case sensitive.
Administrator accounts
The Administrator accounts page lists all the administrator
accounts that have been configured on the VCS, and lets you
add, edit and delete accounts.
To go to the Administrator accounts page:
accounts that have been configured on the VCS, and lets you
add, edit and delete accounts.
To go to the Administrator accounts page:
•
Maintenance > Login accounts > Administrator accounts.
Click on the account you want to configure (or click New to
create a new account, or click Delete to remove an account).
create a new account, or click Delete to remove an account).
Only the admin account can be configured if remote
administrator account authentication is enabled.
administrator account authentication is enabled.
To configure administrator accounts using the CLI:
Name
The username for the administrator account. (Note that some
names such as "root" are reserved.)
names such as "root" are reserved.)
Password
Enter the password that this administrator will use to log in to
the VCS. The password can be up to 16 characters.
All passwords on the VCS are encrypted, so you only see
placeholder characters here.
the VCS. The password can be up to 16 characters.
All passwords on the VCS are encrypted, so you only see
placeholder characters here.
Confirm password
Retype the password entered above.
Account access
Determines the rights for this account. The options are:
Read Write: allows all configuration to be viewed and changed.
This provides the same rights as the default admin account.
Read Only: allows status and configuration information to be
viewed only and not changed. Some pages, such as the Upgrade
page, are blocked to read-only accounts.
Auditor: allows access to the Event Log, Configuration Log and
the Overview page only.
Account Disabled: web login access to the VCS is not allowed.
Read Write: allows all configuration to be viewed and changed.
This provides the same rights as the default admin account.
Read Only: allows status and configuration information to be
viewed only and not changed. Some pages, such as the Upgrade
page, are blocked to read-only accounts.
Auditor: allows access to the Event Log, Configuration Log and
the Overview page only.
Account Disabled: web login access to the VCS is not allowed.