Create a User

About this task

Create a new user in the USM table to authorize a user on a particular SNMP engine.

Note

Note

In EDM, to create new SNMPv3 users you must use the CloneFromUser option. However, you cannot clone the default user, named initial. As a result, you must first use CLI to configure at least one user, and then you can use EDM to create subsequent users with the CloneFromUser option.

Procedure

  1. In the navigation pane, expand Configuration > Edit > SnmpV3.
  2. Click USM Table.
  3. Click Insert.
  4. In the EngineID box, use the default Engine ID provided or type an administratively-unique identifier to an SNMP engine.
  5. In the User Name box, type a name.
  6. From the CloneFromUser list, select a security name from which the new entry copies authentication data and private data, if required.
  7. From the Auth Protocol list, select an authentication protocol.
  8. In the Cloned User's Auth Password box, type the authentication password of the cloned user.
  9. In the New User's Auth Password box, type an authentication password for the new user.
  10. From the Priv Protocol list, select a privacy protocol.
  11. In the Cloned User's Priv Password box, type the privacy password of the cloned user.
  12. In the New User's Priv Password box, type a privacy password for the new user.
  13. Click Insert.
    Caution

    Caution

    Security risk

    To ensure security, change the GroupAccess table default view after you set up a new user in the USM table. This prevents unauthorized people from accessing the system using the default user logon. Also, change the Community table defaults, because the community name is used as a community string in SNMPv1/v2 PDU.

USM Table field descriptions

Use the data in the following table to use the USM Table tab and the Insert USM Table dialog box. The system displays some fields only on the Insert USM Table dialog box.

Name

Description

EngineID

Specifies an administratively-unique identifier to an SNMP engine.

UserName

Creates the new entry with this security name. The name is used as an index to the table. The range is 1–32 characters.

SecurityName

Identifies the name on whose behalf SNMP messages are generated.

Clone From User

Specifies the security name from which the new entry must copy privacy and authentication parameters. The range is 1–32 characters. The system displays this option only in the Insert USM Table dialog box.

Auth Protocol

(Optional)

Assigns an authentication protocol (or no authentication) from a list. If you select an authentication protocol, you must enter an old AuthPass and a new AuthPass.

Cloned User's Auth Password

Specifies the current authentication password of the cloned user. The system displays this option only in the Insert USM Table dialog box.

New User's Auth Password

Specifies the authentication password of the new user. The system displays this option only in the Insert USM Table dialog box.

Priv Protocol

(Optional)

Assigns a privacy protocol (or no privacy) from a list.

If you select a privacy protocol, you must enter an old PrivPass and a new PrivPass.

Cloned User's Priv Password

Specifies the current privacy password of the cloned user. The system displays this option only in the Insert USM Table dialog box.

New User's Priv Password

Specifies the privacy password of the new user. The system displays this option only in the Insert USM Table dialog box.