HPE Community
Aruba & ProVision-based
1754020 Members
7656 Online
108811 Solutions
New Discussion

5406zl User Management

 
SOLVED
Go to solution
cnoslig
Occasional Visitor

‎01-08-2013 03:23 AM

‎01-08-2013 03:23 AM

5406zl User Management

We are begging the roll-out of the ProCurve 5406zl switches for our customer.  One of the requirement is that the access be restricted to the switch.  It appears that only an Operator or a Manager user is available.  Is it possible to remove both of these users and add/created named users, similar to what is done on a Cisco Router? 

 

For instance, say I have 5 admins that will need access to the switch, I would need to have 5 seperate login accounts (named accounts) that would allow them to have USER access.  From there, I would need to allow them to move to Privileged (Manager) access (similar to the Enable command and password prompt on Cisco).

 

Is this possible?  The switch is currently running Firmware Version K.15.06.0017

 

Thanks

0 Kudos
2 REPLIES 2
Aarón
Frequent Advisor

‎01-10-2013 01:15 AM

‎01-10-2013 01:15 AM

Solution

Re: 5406zl User Management

Hello cnoslig,

 

all I can think of is to use an external authentication method:

 

TEST(config)# aaa authentication ssh enable 
 local                 Use local switch user/password database.
 tacacs                Use TACACS+ server.
 radius                Use RADIUS server.
 peap-mschapv2         Use RADIUS server with PEAP-MSChapv2.
 public-key            Use local switch public key authentication database.

 

You can change de default usernames manager and operator but it would still be only one username for operator access and one for manager access:

 

TEST(config)# password manager user-name ee plaintext test 
 <cr>

 

 

Hope this helps!

 

Aarón

0 Kudos
cnoslig
Occasional Visitor

‎01-10-2013 02:44 AM

‎01-10-2013 02:44 AM

Re: 5406zl User Management

Aaron-

 

  Thanks, that is pretty much what I thought, just wanted to verify  I was not looking at it wrong. 

 

  I am hoping I will be able to use TACACS+ as that would solve the issue and would fall within my STIG requirement.

 

  Again, thanks for the response.

 

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.