xStack

®

DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual

57

Example usage:

To configure the user password of the “alpha” account:

DGS-3627:admin# config account alpha

Command: config account alpha

Enter an old password:****

Enter a case-sensitive new password:****

Enter the new password again for confirmation:****

Success.

DGS-3627:admin#

show account

Purpose

This command is used to display the user accounts that have been created on the Switch.

Syntax

show account

Description

The show account command displays the user accounts that have been created on the

Switch.

Parameters

None

Restrictions

Only Administrator level users can issue this command.

Example usage:

To display the user accounts that have been created on the Switch:

DGS-3627:admin# show account

Command: show account

Current Accounts:

Username

Access Level

---------------

------------

System

User

dlink

Admin

Total Entries : 2

DGS-3627:admin#

delete account

Purpose

This command is used to delete an existing account.

Syntax

delete account <username>

Description

The delete account command deletes an existing account.

Parameters

<username>

- Specify the name of the user that will be deleted.

Restrictions

Only Administrator level users can issue this command.

Example usage:

To delete the user account “System”:

xStack

®

DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual

58

DGS-3627:admin# delete account System

Command: delete account System

Success.

DGS-3627:admin#

enable authen_policy

Purpose

This command is used to enable the system access authentication policy.

Syntax

enable authen_policy

Description

Enable system access authentication policy- When authentication is enabled, the device will

adopt the login authentication method list to authenticate the user attempting to log in, and

adopt the enable authentication method list to authenticate the enable password for

promoting the user‘s privilege to Admin level.

Parameters

None.

Restrictions

Only Administrator level users can issue this command.

Example usage:

To enable the system access authentication policy:

DGS-3627:admin# enable authen_policy

Command: enable authen_policy

Success.

DGS-3627:admin#

disable authen_policy

Purpose

This command is used to disable the system access authentication policy.

Syntax

disable authen_policy

Description

Disable system access authentication policy- When authentication is disabled, the device will

adopt the local user account database to authenticate the user attempting to log in, and

adopt the local enable password to authenticate the enable password for promoting the user

‘s privilege to Admin level.

Parameters

None.

Restrictions

Only Administrator level users can issue this command.

Example usage:

To disable the system access authentication policy:

DGS-3627:admin# disable authen_policy

Command: disable authen_policy

Success.

DGS-3627:admin#

xStack

®

DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual

59

show authen_policy

Purpose

This command is used to display if the system access authentication policy is enabled or

disabled.

Syntax

show authen_policy

Description

Displays if the system access authentication policy is enabled or disabled.

Parameters

None.

Restrictions

Only Administrator level users can issue this command.

Example usage:

To display if the system access authentication policy is enabled or disabled:

DGS-3627:admin# show authen_policy

Command: show authen_policy

Authentication Policy : Enabled

DGS-3627:admin#

create authen_login method_list_name

Purpose

This command is used to create a user-defined method list of authentication methods for

users attempting to log in to the Switch.

Syntax

create authen_login method_list_name <string 15>

Description

Creates a user-defined method list of authentication methods for users attempting to log into

the Switch. The maximum number of supported login method lists is 8.

Parameters

<string 15>

- The user-defined method list name

Restrictions

Only Administrator level users can issue this command.

Example usage:

To create a user-defined method list called “login_list_1” for users attempting to log in to the Switch:

DGS-3627:admin# create authen_login method_list_name login_list_1

Command: create authen_login method_list_name login_list_1

Success.

DGS-3627:admin#

config authen_login

Purpose

This command is used to configure a user-defined or default method list of authentication

methods for users attempting to log in to the Switch.

Syntax

config authen_login [default | method_list_name <string 15>] method {tacacs | xtacacs

| tacacs+ | radius | server_group <string 15> | local | none}(1)

Description

Configures a user-defined or default method list of authentication methods for users

attempting to log in to the Switch. The method sequence will affect the authentication result.

For example, if the user specifies tacacs+ first, then tacacs and local, when the user tries to

log in, the authentication request will be sent to the first server host in the tacacs+ built-in

server group. If the first server host in the tacacs+ group is missing, the authentication

request will be sent to the second server host in the tacacs+ group, and so on. If all server

xStack

®

DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual

60

config authen_login

hosts in the tacacs+ group are missing, the authentication request will be sent to the first

server host in the tacacs group. If all server hosts in the tacacs group are missing, the local

account database in the device will be used to authenticate the user. When a user logs in to

the device successfully, using either the tacacs/xtacacs/tacacs+/radius built-in, user-defined

server groups methods, or none, only the “user” privilege level will be assigned. If the user

wants to access admin privilege level, the user must use the “enable admin” command to

promote the privilege level. However, when the local method is used, the privilege level will

depend on the account privilege level stored in the local device.

Parameters

default

- Specify the default method list of authentication methods.

method_list_name

- Specify the user-defined method list of authentication methods.

tacacs

- Specify authentication by the built-in server group “tacacs”.

xtacacs

- Specify authentication by the built-in server group “xtacacs”.

tacacs+

- Specify authentication by the built-in server group “tacacs+”.

radius

- Specify authentication by the built-in server group “radius”.

server_group

- Specify authentication by the user-defined server group.

local

- Specify authentication by the local user account database in the device.

none

- Specify no authentication.

Restrictions

Only Administrator level users can issue this command.

Example usage:

To configure a user-defined method list called “login_list_1”, that specifies a sequence of the built-in “tacacs+” server

group, followed by the “tacacs” server group, and finally the local account database for users attempting to log in to the

Switch:

DGS-3627:admin# config authen_login method_list_name login_list_1 method tacacs+ tac

acs local

Command: config authen_login method_list_name login_list_1 method tacacs+ tacac

s local

Success.

DGS-3627:admin#

delete authen_login method_list_name

Purpose

This command is used to delete a user-defined method list of authentication methods for

users logging into the Switch.

Syntax

delete authen_login method_list_name <string 15>

Description

Deletes a user-defined method list of authentication methods for users attempting to log in to

the Switch.

Parameters

<string 15>

- The user-defined method list name.

Restrictions

Only Administrator level users can issue this command.

Example usage:

To delete the user-defined method list called “login_list_1” for users attempting to log in to the Switch:

xStack

®

DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual

61

DGS-3627:admin# delete authen_login method_list_name login_list_1

Command: delete authen_login method_list_name login_list_1

Success.

DGS-3627:admin#

show authen_login

Purpose

This command is used to display the method list of authentication methods that will be used

for users attempting to log in to the Switch.

Syntax

show authen_login [default | method_list_name <string 15> | all]

Description

Displays the method list of authentication methods that will be used for users attempting to

log in to the Switch.

Parameters

default

- Displays the default user-defined method list for users logging into the Switch.

method_list_name

- Displays the specific user-defined method list for users logging into the

Switch.

all

- Displays all the method lists for users attempting to log in to the Switch.

Restrictions

Only Administrator level users can issue this command.

Example usage:

To display the user-defined method list called “login_list_1” for users attempting to log in to the Switch:

DGS-3627:admin# show authen_login method_list_name login_list_1

Command: show authen_login method_list_name login_list_1

Method List Name

Priority

Method Name

Comment

----------------

--------

---------------

------------------

login_list_1

1

tacacs+

Built-in Group

2

tacacs

Built-in Group

3

mix_1

User-defined Group

4

local

Keyword

DGS-3627:admin#

create authen_enable method_list_name

Purpose

This command is used to create a user-defined method list of authentication methods for

promoting a user's privilege to Admin level.

Syntax

create authen_enable method_list_name <string 15>

Description

Creates a user-defined method list of authentication methods for promoting a user's privilege

to Admin level. The maximum number of supported enable method lists is 8.

Parameters

<string 15>

- The user-defined method list name

Restrictions

Only Administrator level users can issue this command.

Example usage:

To create a user-defined method list called “enable_list_1” for promoting a user's privilege to Admin level: