- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Aruba & ProVision-based
- >
- Listing all accounts in 2930F switch
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-28-2021 09:06 PM - last edited on тАО09-29-2021 07:04 AM by support_s
тАО09-28-2021 09:06 PM - last edited on тАО09-29-2021 07:04 AM by support_s
Listing all accounts in 2930F switch
Hello chaps!
Is it possible to list all accounts in the 2930F switch without going through the include-credentials route? include-credentials will need a factory reset which I'm inclined to perform
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2021 12:01 AM
тАО09-29-2021 12:01 AM
Re: Listing all accounts in 2930F switch
Hello @SHtan ,
What exactly you are looking for?
Below link, it might be useful for you:
https://support.hpe.com/hpesc/public/docDisplay?docId=a00091307en_us&docLocale=en_US
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2021 06:52 AM
тАО09-29-2021 06:52 AM
Re: Listing all accounts in 2930F switch
Hey akg7!
Basically i want to generate a list of accounts in the 2930F (with the associated roles) for Internal Audit's review.
These accounts are manager level and operator level accounts, there's no RADIUS or TACAS accounts in the switch.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2021 09:20 AM
тАО09-29-2021 09:20 AM
Re: Listing all accounts in 2930F switch
Hello @SHtan ,
In this scenarion you can check by using below commands:
Aruba# show running-config | in user-name
or
Aruba# show running-config | in password
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2021 08:36 PM
тАО09-29-2021 08:36 PM
Re: Listing all accounts in 2930F switch
Hey @akg7 !
Thanks for getting back
I've ran both commands
1. sh run | in user-name
This greps user-name as a string and returns a "password complexity user-name-check" command which I've set.
2. sh run | in password
This returns more data but the key commands returned shows "password manager" and "password operator". This command neither shows the manager's username nor the operator's username. (I have different named accounts for manager)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-28-2021 12:01 AM - edited тАО10-28-2021 12:03 AM
тАО10-28-2021 12:01 AM - edited тАО10-28-2021 12:03 AM
Re: Listing all accounts in 2930F switch
Hello SHtan,
adding "include credentials" doesn't require a factory reset. Below I'm sending the switch warnings after it's performed:
Aruba-2930F-48G-4SFPP(config)# include-credentials
**** CAUTION ****
You have invoked the command 'include-credentials'. This action will make
changes to the password and SSH public-key storage.It will affect *all* stored configurations, which might need to be updated.
Those credentials will no longer be readable by older software revisions.
It also may break some of your existing user scripts. Continue?[y/n] y**** CAUTION ****
This will insert possibly sensitive information in switch configuration files,
and as a part of some CLI commands output. It is strongly recommended that you
use SFTP rather than TFTP for transfer of the configuration over the network,
and that you use the web configuration interface only with SSL enabled.Erasing configurations with 'include-credentials' enabled will erase stored
passwords and security credentials. The system will reboot with the factory
default configuration.Proceed?[y/n] y
Aruba-2930F-48G-4SFPP(config)#
Maybe the last sentence in the warning gave you a false impession. But a device will reboot with factory default settings if you erase your saved configuration. In fact the switch will always reboot with factory default config if you delete the saved configuration and don't save your running config. No reboot or resets are necessary to add "include credentials" to your existing config.
Anyway back to your original topic, if you add "include credentials" then the above mentioned show commands will show you the accounts and their hashed passwords:
Aruba-2930F-48G-4SFPP(config)# show run | in password
password operator user-name "test-operator" sha1
"8cb2237d0679ca88db6464eac60da96345513964"
Without include credentials this returns as you stated only "password operator" which only tells you there is a configured operator account and nothing more.
HTH,
Toni