User Manual
Security Database Configuration
11-10
11.4.1.1 Changing the Precedence
By default, the precedence for the local database is set to 1. To change the precedence number, use the Set/
Define Authentication Local command.
Figure 11-19: Specifying the Precedence
11.4.1.2 Adding Username/Password Pairs
To add a username/password pair to the local database, use the Set/Define Authentication Local
command.
Figure 11-20: Adding User and Password to Local Database
Note: All passwords are case sensitive. All usernames are case insensitive.
11.4.1.3 Forcing Execution of Commands
A command or series of commands may be associated with a particular username; the commands will be
run when the user is successfully authenticated. For example, when user elmo logs into the SCS, he will be
automatically telnetted to host 192.0.1.67 and logged out of the SCS.
Figure 11-21: Forcing Commands
Commands must be enclosed in quotes. If a series of commands is specified, they must be separated by
semicolons.
11.4.1.4 Permitting Users to Change Their Passwords
By default, users are not permitted to change their passwords. To enable a user to change his or her
password, use the Set/Define Authentication User Alter command.
Figure 11-22: Permitting User to Change Passwords
11.4.1.5 Forcing Selection of a New Password
Users may be forced to select a new password during their next login. This is useful when the user has
forgotten his or her password, or to ensure that passwords are changed on a regular basis.
Figure 11-23: Forcing a User’s Password to Expire
Local>> DEFINE AUTHENTICATION LOCAL PRECEDENCE 3
Local>> DEFINE AUTHENTICATION USER "elmo" PASSWORD "badger"
Local>> DEFINE AUTHENTICATION USER "elmo" COMMAND "telnet 192.0.1.67; logout"
Local>> DEFINE AUTHENTICATION USER "elmo" ALTER ENABLED
Local>> DEFINE AUTHENTICATION USER "elmo" EXPIRED