Specifications
6-2
Cisco Internet Streamer CDS 2.0-2.3 Software Configuration Guide
OL-13493-04
Chapter 6 Configuring the System
Configuring AAA
privileges. The user account information is stored in the AAA database. When the user attempts to log
in, the CDSM compares the person’s username, password, and privilege level to the user account
information that is stored in the database.
Each user account can be assigned to a role and a domain. A role defines which CDSM configuration
pages the user can access and which services the user has authority to configure or modify. A domain
defines which entities in the network the user can access and configure or modify. You can assign a user
account to zero or more roles, and to zero or more domains.
Creating, Editing, and Deleting Users
Note This section is addressed to users with administrator-level privileges (admin users) only.
Two default user accounts are preconfigured in the CDSM. The first account, called admin, is assigned
the administrator role that allows access to all services and access to all entities in the system. This
account cannot be deleted from the system, but it can be modified. Only the username and the role for
this account are unchangeable. To change the password for this account, use the username admin
password <password> command through the CLI.
The second preconfigured user account is called default. Any user account that is authenticated but has
not been registered in the CDSM gets the access rights (role and domains) assigned to the default
account. This account is configurable, but it cannot be deleted nor can its username be changed.
When you create a new user account in the CDSM, you have the option to create the user account in the
CLI for the CDSM device at the same time. Using this option to create the new account in the CLI
provides the following benefits:
• The user account is created in the primary and standby CDSM management databases and in the
CDSM CLI from one central point.
• Users can change their passwords, and the password changes will propagate to a standby CDSM.
If you choose to create the user account from the CDSM without creating the user account in the CDSM
CLI at the same time, the following results apply:
• The user account is created in the primary and standby CDSM management databases.
• No user account is created in the CDSM CLI, and the user cannot log in to the CDSM until an
account is created from the CLI.
• Local users cannot change their passwords using the CDSM.
• Local users can change their passwords using the CLI; however, the password changes are not
propagated from the CLI to the CDSM databases when the CLI user option is enabled in the CDSM.
If a user account has been created from the CLI only, when you log in to the CDSM for the first time,
the Centralized Management System (CMS) database automatically creates a user account (with the
same username as configured in the CLI) with default authorization and access control. However, to
change the password in this scenario, the user account must be explicitly configured from the CDSM
with the CLI user option enabled.
To create or edit a user account, do the following:
Step 1 Choose System > AAA > Users. The User Table page is displayed.
Step 2 Click the Create New icon in the task bar. The User Account page is displayed.
To edit an account, click the Edit icon next to the username.