Use this command to restrict the system to a single specified authorization credential which must be shared by all users.
| username | Specifies the username that is globally used by all users. Valid values are up to 80 printable characters. |
None.
All command modes with admin privilege.
An X.509 certificate can contain information about the roles or privileges associated with the certificate. In practice an individual's responsibilities may change over time, and it is cumbersome to revoke and re-issue certificates each time this happens. The ability to specify a fixed global authorization username provides for mapping the certificate content to a local system user database or remote authentication protocol such as RADIUS. Once communication is established with the server requiring authentication, the user is interactively prompted for a password. The username and password combination is presented to the authorization server.
This command provides for setting a fixed string as the username. The username can also be specified as an attribute that dynamically extracts the username from the subject field of the X.509 certificate. set pki authorization username attribute for specifying an attribute based username configuration details.
This example shows how to specify myusername as a static username:
System(su)->set pki authorization username myusername System(su)->
Print
this page
Email this topic
Feedback
View PDF
Download EPUB