User Management

About This Chapter

This topic describes the classification of users and how to add, modify, delete and disconnect a user.

5.1 Overview

This topic provides the definition of users, and describes the user levels and authorities supported by the MA5600T.

5.2 Adding a User Profile

This topic describes how to add a user profile. To add a new user, you need to bind this user profile to manage operators.

5.3 Adding a User

This topic describes how to add a user who can log in to the MA5600T to maintain it.

5.4 Modifying the User Attributes

You can modify the user attributes, such as user profile, authority, password, the permitted number of reenters and the appended information.

5.5 Disconnecting an Online User

This topic describes how to disconnect an online user to prevent the user from logging in to the MA5600T.

5.6 Deleting a User

This topic describes how to delete a user who is not permitted to log in to the MA5600T.

5.1 Overview

This topic provides the definition of users, and describes the user levels and authorities supported by the MA5600T.

Service Description

Users refer to persons who configure and maintain the MA5600T through CLI.

Service Specification

In terms of authority, MA5600T users can be divided into the following four levels:

l Common user

l Operator

l Administrator

l Super user

Users of all levels can only add users of lower levels than them.

Table 5-1 lists the authorities for users of all levels.

Table 5-1 User authorities User Level Authority

Common user Common users perform basic system operation and simple query operation.

Operator Operator can configure the MA5600T and services.

Administrator and super user

Common:

l Perform all operations.

l Maintain the MA5600T user accounts and user authority.

Difference:

l Only one super user exists in the system, however, multiple administrators can exist in the system.

l The super user is of the highest level in the system.

l The super user can create the administrator level account, but the administrator has no authority to add a super user.

5.2 Adding a User Profile

This topic describes how to add a user profile. To add a new user, you need to bind this user profile to manage operators.

Background Information

l There is a root profile in the system. The root profile disables restrictions on users so that root users can log in to the system easily after a system is upgraded. It is not recommended to bind the root profile when you add a new user.

l The system provides three default profiles whose levels are administrator, operator, and common user. They are convenient for unified management and for adding users.

l Up to 12 profiles can be added.

To add a user profile, you need to configure the following parameters:

l Use profile name

l Minimum length of the user name

l Minimum length of the password

l Validity period of the user name

l Validity period of the password

l Permitted start time of login for a user

l Permitted end time of login for a user For details, refer to Table 5-2.

Table 5-2 Parameters of a user profile Parameters Description Minimum length

of the user name

The minimum length of the user name can be 6 to 15 alphanumeric characters and it must be equal to or longer than six alphanumeric characters.

Minimum length of the password

The minimum length of the password can be 6 to 15 alphanumeric characters and it must be equal to or longer than six alphanumeric characters.

Validity period of the user name

It ranges from 0 to 999 days. If it is set to 0 day, the validity does not expire. By default, it is 30 days.

The system checks the validity of the user names in the unit of day when a user logs in to the system.

Three days prior to the expiration, the system generates an alarm informing the user of the expiration day. The system generates an alarm informing the user of the expiration once the system identifies the expiration of a user name.

Validity period of the password

It ranges from 0 to 999 days. If it is set to 0 day, the validity does not expire. By default, it is 30 days. The validity period of the password should not be equal to or shorter than the validity period of the user name.

The system checks the validity of passwords in the unit of day when a user logs in to the system.

Three days prior to the expiration, the system generates an alarm informing the user of the expiration day and prompting the user to modify the password in time.

Parameters Description Permitted start

time of login for a user

This parameter with the permitted end time of logon by a user parameter specifies the permitted period for a user to log in to the system. A user can log in to the system only in the permitted period.

Permitted end time of login for a user

This parameter with the permitted start time of logon by a user parameter specifies the permitted period for a user to log in to the system.

A user can log in to the system only in the permitted period. If a user logs in to the system at the permitted start time but does not log out at the permitted end time, the system logs out the user and stops the user from configuring the system.

Procedure