278 CHAPTER 9: AAA AND RADIUS OPERATION
Creating a Local User
A local user is a group of users set on NAS. The username is the unique identifier
of a user. A supplicant requesting network service may use local authentication
only if its corresponding local user has been added onto NAS.
Perform the following configurations in system view.
By default, there is no local user in the system.
Setting Attributes of a Local User
The attributes of a local user include its password, state, service type and other
settings.
Perform the following configurations in system view.
Auto means that the password display mode will be the one specified by the user
at the time of configuring a password (see the password command in the
following table for reference), and cipher-force means that the password display
mode of all the accessing users must be in cipher text.
Perform the following configurations in local user view.
Table 15 Create/Delete a Local User and Relevant Properties
Operation Command
Add local users local-user user-name
Delete all the local users undo local-user all
Delete a local user by specifying its type undo local-user { user-name | all
[service-type {lan-access | ftp | telnet }]}
Table 16 Set the Method that a Local User Uses to Set Password
Operation Command
Set the method that a local user uses to set
password
local-user password-display-mode {
cipher-force | auto}
Cancel the method that the local user uses to
set password
undo local-user password-display-mode
Table 17 Set/Remove the Attributes Concerned with a Specified User
Operation Command
Set a password for a specified user password {simple | cipher} password
Remove the password set for the specified
user
undo password
Set the state of the specified user state {active | block}
Disable the state of the specified user undo state {active | block}
Set a service type for the specified user service-type { ftp [ ftp-directory directory ] |
lan-access | telnet [level level ] ] | telnet [
level level ] }
Cancel the service type of the specified user undo service-type { telnet [ level ] | ftp
[ftp-directory] | lan-access }