Creates a new user account.
|admin||Specifies an access level for admin account type. This user has read and write privileges.|
|user||Specifies an access level for user account type. This user has read-only privileges.|
|lawful-intercept||Specifies an access level for lawful intercept account type.|
|account-name||Specifies a new user account name.|
Caution: Using this option incorrectly can result in you being locked out of your switch account.
This option specifies that the entered password is in encrypted hash format, not that the resulting password will be stored in encrypted form. Generally, this option should not be used. Using this option with a plain text password, as opposed to a hashed version of a password, can result in the user being locked out of the account.
|password||Specifies a user password.|
User Account Levels
By default, the switch is configured with two accounts with the access levels shown in the table below.
|Account Name||Access Level|
|admin||You can access and change all manageable parameters. The admin account cannot be deleted.|
|user||You can view (but not change)
all manageable parameters, with the following exceptions:
This user has access to the ping command.
|lawful-intercept||This user has special lawful intercept and
Note: Only a single lawful-intercept account can exist at any one time on the system.
You can use the default names (admin and user), or you can create new names and passwords for the accounts. Default accounts do not have passwords assigned to them. For name creation guidelines and a list of reserved names, see Object Names in the Switch Engine 32.2 User Guide .
The switch can have a total of 16 user accounts.
The system must have one administrator account.
When you use the encrypted keyword, the following password that you specify should be in encrypted hash format. Administrators should not use the encrypted option and should enter the password in plain text. Using this option with a plain text password, as opposed to a hashed version of a password, can result in the user being locked out of the account. Generally, this option should not be used. A valid use of this option would be when transferring account information between switches using the output of the show configuration command, where the displayed password is in hashed form. You can copy this hashed password and enter it as the password with the encrypted option. The switch will de-crypt the hashed password into the plain text password that as specified for the original account.
The system prompts you to specify a password after you enter this command and to reenter the password. If you do not want a password associated with the specified account, press [Enter] twice.
NoteUser names cannot begin with a number.
NoteIf the account is configured to require a specific password format, the minimum is eight characters. See configure account password-policy char-validation for more information.
The following example creates a new account named "John2" with administrator privileges:
create account admin John2
This command was first available in ExtremeXOS 10.1.
The encrypted option was added in ExtremeXOS 11.5.
The lawful intercept option was added in ExtremeXOS 15.3.2.
This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.