Manualshelf

User guide

ManualsBrandsAlcatel ManualsComputer equipmentOmniSwitch AOS Release 7
121122123124125126127128129130
Configuring Global User Lockout Settings Managing Switch User Accounts
page 7-14 OmniSwitch AOS Release 7 Switch Management Guide March 2015
By default, the lockout threshold number is set to 0; this means that there is no limit to the number of
failed login attempts allowed, even if a lockout window time period exists. To configure a lockout thresh-
old number, use the user lockout-threshold command. For example:
-> user lockout-threshold 3
Note that a locked user account is automatically unlocked when the lockout duration time (see “Configur-
ing the User Lockout Duration Time” on page 7-14) is reached or the admin user manually unlocks the
user account.
Configuring the User Lockout Duration Time
The user lockout duration time specifies the number of minutes a user account remains locked until it is
automatically unlocked by the switch. This period of time starts when the user account is locked out of the
switch. Note that at any point during the lockout duration time, the admin user can still manually unlock
the user account.
By default, the user lockout duration time is set to 0; this means that there is no automatic unlocking of a
user account by the switch. The locked user account remains locked until it is manually unlocked by the
admin user. To configure a lockout duration time, use the user lockout-duration command. For example:
-> user lockout-duration 60
Do not configure a lockout duration time that is less than the lockout window time period (see “Configur-
ing the User Lockout Window” on page 7-13).
Manually Locking and Unlocking User Accounts
The user lockout unlock command is used to manually lock or unlock a user account. This command is
only available to the admin user or a user who has read/write access privileges to the switch.
To lock a user account, enter user lockout and the username for the account. For example,
-> user j_smith lockout
To unlock a user account, enter user unlock and the username for the locked account. For example,
-> user j_smith unlock
In addition to this command, the admin user or users with read/write access privileges can change the user
account password to unlock the account.
Note that if a lockout duration time (see “Configuring the User Lockout Duration Time” on page 7-14) is
not configured for the switch, then it is only possible to manually unlock a user account with the user
lockout command or by changing the user password.