username

Required Command-Line Mode = Configure

Use the username command to manage local user accounts on GigaVUE‑OS nodes. You can configure different user account levelsadmin and monitorso that each user has rights that are appropriate for the type of work they will be doing with the system. You can also remove user accounts (or parts of their configuration) with the no username command.

The username command has the following syntax:

username <username>
   disable [login]
   full-name
<full name>
 password <prompt | cleartext password>
   roles
<add <user role> [user role] | replace <user role> [user role]>

The following table describes the arguments for the username command:

Argument

Description

username <username>

Creates a name for a user account. The system comes initially with two accounts already created, as follows:

admin users have access to the full range of features and functionality available on the system. They can configure packet distribution, configure users, view logs, and so on—if it can be done on the GigaVUE‑OS node, an admin user can do it.
monitor users do not have access to any port configuration settings. Their access consists mainly of the ability to use the show command to see what basic settings are in place on the node.
default users have access to all command modes. However, they do not have access to unassigned ports. New users are created with the Default role automatically.

Note:  Remote usernames that include a forward slash (/) are not supported in GigaVUE‑OS. A remote username is one created in a remote server. The workaround is to use the backward slash (\) in remote usernames.

disable[monitor]

For security purposes, monitor account must be disabled by default.

To enable the monitor account, you must specifically enable the account and create a password.

(config) # no username <username> monitor disable

(config) # username <username> monitor password xxxxx

Note:  An encrypted version of password will be displayed to the user.

disable [login]

Temporarily disables logins for the specified account. Disabling an account closes any currently open sessions for the specified account.

To reverse a disabled account, use the following:

(config) # no username <username> disable

Use the following command to lock out access to a user account:

(config) # username <username> disable login

Note:  You cannot disable the admin account.

full-name <full name>

Specifies the full name for the account (sometimes referred to as the gecos). The full name string may contain spaces and other characters, but must be contained in quotation marks.

For example:

(config) # username John full-name “IT User”

The full name appears in the CLI output of the show usernames command.

password <prompt | cleartext password>

Adds or changes the password for the specified user account. Refer to Password Policies for minimum password requirements.

<add <user role> [user role] | replace <user role> [user role]>

Adds to or replaces roles from the specified user account. The roles themselves are configured with the aaa authorization roles command. Refer to aaa for details. Roles provide users with different levels of access to ports with the same role assigned. Refer to the “Configuring Series Security Options” in the GigaVUE Administration Guide for details.

The following table summarizes other commands related to the username command:

Task

Command

Displays user names and account status.

# show usernames

Displays the currently logged in users.

# show users

Displays a history of user logins.

# show users history

Displays a history of user logins for a specified username.

# show users history username monitor

Displays the roles assigned to the logged in users.

# show users roles

Displays a specified user name and assignment.

# show usernames assignment alias admin

Displays all specified user names and assignment.

# show usernames assignment all

Deletes a specified user account.

(config) # no username operator

Re-enables a specified user account.

(config) # no username monitor disable

Re-enables login for a specified user account.

(config) # no username monitor disable login

Re-enables login password for a specified user account.

(config) # no username monitor disable password

Deletes the full name of the specified user.

(config) # no username monitor full-name

Deletes a specified authorization role from a specified user account.

(config) # no username monitor roles add admin

Deletes all authorization roles from a specified user account.

(config) # no username monitor roles all