Send documentation comments to mdsfeedback-doc@cisco.com
18-5
Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x
OL-9285-05
Chapter 18 Troubleshooting Users and Roles
User and Role Issues
• User Cannot Access Certain Features, page 18-8
• User Has Too Much Access, page 18-10
• User Cannot Configure Some VSANs, page 18-10
• User Cannot Configure E Ports, page 18-11
• Unexpected User Displayed in Logs, page 18-12
User Cannot Log into Switch
Symptom User cannot log into the switch.
Verifying User Login with System Messages Using Device Manager
To configure the switch logging to capture system messages when a user attempts to log into a switch,
follow these messages:
Step 1 Choose Logs > Syslog > Setup and select the Severity Levels tab.
Step 2 Select debug from the Severity Level drop-down menu for auth, authPriv, and aaad. Click Apply.
This sets the switch to log debug information for these facilities.
Table 18-1 User Cannot Log into Switch
Symptom Possible Cause Solution
User cannot log into
the switch.
Weak password configured at the AAA
server.
Create a stronger password. See the “User Accounts”
section on page 18-1 for guidelines on strong passwords.
User name is a restricted word or all
numeric.
Change your user name. See the “User Accounts” section on
page 18-1 for guidelines on allowed user names.
User account has expired. Choose Switches > Security > Users in Fabric Manager to
view the user account expiration date.
Or use the show user-account CLI command to verify the
account expiration.
Recreate the user if necessary.