Users Guide

Table Of Contents
username password role
Creates an authentication entry based on a user name and password, and assigns a role to the user.
Syntax
username username password password role role [priv-lvl privilege-level]
Parameters
username username—Enter a text string. A maximum of 32 alphanumeric characters; one character
minimum.
password password—Enter a text string. A maximum of 32 alphanumeric characters; nine characters
minimum. Password prexes
$1$, $5$, and$6$ are not supported in clear-text passwords.
role role—Enter a user role:
sysadmin — Full access to all commands in the system, exclusive access to commands that manipulate
the le system, and access to the system shell. A system administrator can create user IDs and user roles.
secadmin — Full access to conguration commands that set security policy and system access, such as
password strength, AAA authorization, and cryptographic keys. A security administrator can display security
information, such as cryptographic keys, login statistics, and log information.
netadmin — Full access to conguration commands that manage trac owing through the switch,
such as routes, interfaces, and ACLs. A network administrator cannot access conguration commands for
security features or view security information.
netoperator — Access to EXEC mode to view the current conguration. A network operator cannot
modify any conguration setting on a switch.
priv-lvl privilege-level — Enter a privilege level, from 0 to 15. If you do not specify the priv-lvl
option, the system assigns privilege level 1 for the netoperator role and privilege level 15 for the sysadmin,
secadmin, and netadmin roles.
Default
User name and password entries are in clear text.
There is no default user role.
The default privilege levels are level 1 for netoperator, and level 15 for sysadmin, secadmin, and
netadmin.
Command Mode
CONFIGURATION
Usage Information
By default, the password must be at least nine alphanumeric characters. Only the following special characters
are supported:
! # % & ' ( ) ; < = > [ ] * + - . / : ^ _
Enter the password in clear text. It is converted to SHA-512 format in the running conguration. For backward
compatibility with OS10 releases 10.3.1E and earlier, passwords entered in MD-5, SHA-256, and SHA-512 format
are supported.
You cannot assign a privilege level higher than privilege level 1 to a user with the netoperator role and
higher than privilege level 2 for a sysadmin, secadmin, and netadmin roles.
To increase the required password strength, use the password-attributes command. The no version of
this command deletes the authentication for a user.
Example
OS10(config)# username user05 password newpwd404 role sysadmin priv-lvl 10
Supported Releases 10.2.0E or later
Security 971