username

Creates and configures a user account.

Syntax

username username password password role role_name [ access-time HHMM to HHMM ] [ desc description ] [ enable { true | false } ] [ encryption-level { 0 | 7 | 10 } ] [ expire { never | YYYY-MM-DD } ]
no username name

Parameters

username
Specifies the account login name.
access-time HHMM to HHMM
Restricts the hours during the day that the user may be logged in. Valid values range from 0000 through 2400. By default, users are granted 24 hour access. Use 24-hour format. For example, to restrict access to the daily work schedule, use access-time 0800 to 1800. By default, there is no access-time limitation. To change access time, include both the new "from" time and "to" time. To restore default access time, specify access-time 0000 to 2400.
desc description
Specifies a description of the account (optional). The description can be up to 64 characters long, and can include any printable ASCII character, except for the following characters: single quotation marks (‘), double quotation marks ("), exclamation point (!), colon (:), and semi-colon (;). If the description contains spaces, enclose the text in double quotation marks.
enable
Enables or disables the account.
true
(Default) Enables the account.
false
Disables the account. A user whose account is disabled cannot log in.
expire
Specifies the password expiration setting.
never
(Default) Does not specify a password expiration date.
YYYY-MM-DD
Specifies a password expiration date.
password password
Specifies the account password. To use the exclamation mark (!) character, either precede it with the escape character (\)—secret\!password—or enclose the password within double quotes—"secret!password".
role role_name
Specifies the role assigned to the username account.
encryption-level { 0 | 7 | 10 }
Specifies the password encryption level. The values are 0 (clear text), 7 (encrypted), and 10 (SHA512 hash), which is the default. If service password-encryption is enabled, it overrides a user-level setting.

Modes

Global configuration mode

Usage Guidelines

The username must be from 1 through 40 characters. It must begin with a letter or underscore and be comprised of only letters, numbers, underscore and period. A username is case sensitive. It cannot be the same as that of an existing role.

When creating a username, you must specify a password and a role. When modifying a username, it is sufficient to enter username username , followed by the new values.

The maximum number of user accounts on a device is 64.

If a user‘s password, access time, or role is changed, any login sessions for that user are terminated.

To specify access-time, use the system time defined for the Extreme operating system. For the current system time, enter show clock.

To delete a user, enter the no username username command.

Examples

The following example configures a user account.

device# configure terminal 
device(config)# username testUser password ******** role user desc 

The following example modifies an existing user account.

device# configure terminal
device(config)# username testUser desc "add op test user" 
 

The following example modifies an existing user account, restricting the hours that an existing user may be logged in from 08:00 AM through 18:00 PM.

device# configure terminal 
device(config)# username testUser access-time 0800 to 1800