OS6860(E)_AOS_8.1.1.R01_Switch_Management_Guide
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Managing <strong>Switch</strong> User Accounts<br />
Configuring Password Policy Settings<br />
Configuring Password Character Requirements<br />
The character requirements specified in the global password policy determine the minimum number of<br />
uppercase, lowercase, non-alphanumeric, and 10-base digit characters required in all passwords. These<br />
requirements are configured using the following user password-policy commands:<br />
Command Configures ...<br />
user password-policy min-uppercase<br />
user password-policy min-lowercase<br />
user password-policy min-digit<br />
user password-policy min-nonalpha<br />
The minimum number of uppercase characters<br />
required in all passwords.<br />
The minimum number of lowercase characters<br />
required in all passwords.<br />
The minimum number of base-10 digits required<br />
in all passwords.<br />
The minimum number of non-alphanumeric characters<br />
(symbols) required in all passwords.<br />
Specifying zero with any of the these commands disables the requirement. For example, if the number of<br />
minimum uppercase characters is set to zero (the default), then there is no requirement for a password to<br />
contain any uppercase characters.<br />
Configuring Password Expiration<br />
By default, password expiration is disabled on the switch. A global default password expiration may be<br />
specified for all users or password expiration may be set for an individual user.<br />
Note. When the current user’s password has less than one week before expiration, the switch will display<br />
an expiration warning after login.<br />
If a user’s password expires, the user will be unable to log into the switch through any interface; the<br />
admin user must reset the user’s password. If the admin user’s password expires, the admin user will<br />
have access to the switch through the console port with the currently configured password.<br />
Default Password Expiration<br />
To set password expiration globally, use the user password-expiration command with the desired<br />
number of days; the allowable range is 1 to 150 days. For example:<br />
-> user password-expiration 3<br />
The default password expiration is now set to three days. All user passwords on the switch will be set or<br />
reset with the three-day expiration. If an individual user was configured with a different expiration through<br />
the user command, the expiration will be reset to the global value.<br />
The expiration is based on the switch system date/time and date/time the user password-expiration<br />
command is entered. For example, if a user is configured with a password expiration of 10 days, but the<br />
global setting is 20 days, that user’s password will expire in 10 days.<br />
To disable the default password expiration, use the user password-expiration command with the disable<br />
option:<br />
-> user password-expiration disable<br />
Omni<strong>Switch</strong> <strong>AOS</strong> Release 8 <strong>Switch</strong> <strong>Management</strong> <strong>Guide</strong> May 2014 page 6-11