Chapter4UserManagement
4.3.7ConfiguringFirst-LoginPasswordModification
ConīgurationDescription
AsshowninFigure4-7,auserlogsintotheZXR10ZSRV2fromaPCthroughaserial
portorT elnet.Theuserentersconīægurationmodetocreateanotheruser,andconīægures
once-password(onlyvalidforlocallyauthenticatedusers).Duringthenextlogin,theuser
canusetheself-conīæguredpassword.Thedefaultrangeofapasswordis3ā32characters.
Figure4-7ConīæguringFirst-LoginPasswordModiīæcation
ConīgurationFlow
1.Createauser.
2.Conīægureanauthenticationtemplate.
3.Conīægureanauthorizationtemplate.
4.Conīæguretheīærstloginpasswordmodiīæcationfunction.
5.Duringlogin,theusercansetapassword.Thenexttime,theusercanusethenew
passwordtosuccessfullylogin.
ConīgurationCommands
RunthefollowingcommandsontheZXR10ZSRV2:
R1(config)#system-user
R1(config-system-user)#authentication-template1
R1(config-system-user-authen-temp)#bindaaa-authentication-template2001
R1(config-system-user-authen-temp)#exit
R1(config-system-user)#authorization-template1
R1(config-system-user-author-temp)#bindaaa-authorization-template2001
R1(config-system-user-author-temp)#local-privilege-level15
R1(config-system-user-author-temp)#exit
R1(config-system-user)#user-namezte
R1(config-system-user-username)#bindauthentication-template1
R1(config-system-user-username)#bindauthorization-templat1
R1(config-system-user-username)#passwordzte
R1(config-system-user-username)#once-password/*Configuresfirst-login
passwordmodification.*/
R1(config-system-user-username)#exit
R1(config-system-user)#exit
R1(config)#aaa-authentication-template2001
R1(config-aaa-authen-template)#aaa-authentication-typelocal
4-17
SJ-20140504150128-007|2014-05-10(R1.0)ZTEProprietaryandConīædential
To Next Page
Loading...
