Configuring a local user for a group
Local manager user logins and authorized command configuration are mutually exclusive with RADIUS or TACACS authentication and with RADIUS authorization and accounting.
To create a local user enter this command for the group with the appropriate authorizations.
Syntax
[no] aaa authentication local-user <username> group <group-name> password <plaintext|sha1 <password>
Defines a local user for a defined group.
- local-user
username
-
The local user being added to the authorization group. The user name can have a maximum of 16 characters. It must not contain spaces and is case-sensitive.
- group
group-name
-
The authorization group the local user belongs to. The group must have been created already.
- password<plaintext|sha1
password
-
The plaintext password string can have a maximum of 16 characters. It must not contain spaces and is case-sensitive.
NOTE:You are not allowed to actually enter the plaintext password in-line as part of the command. You are prompted for it. The password is obscured when you enter it. The password is obscured when you enter it. This is similar to entering the password for the manager or operator.
If include-credentials is enabled, displaying the configuration shows the user passwords as SHA1 hash. If include-credentials is not enabled, then no password information is shown.
If a user is assigned to a command group and the group is subsequently deleted, the user has operator privileges.