Wired Intelligent Edge

hi,

 

Is it possible to add a new local user on an aruba 2530?

 

 

Try " mgmt-user <local username> <root | read-only> "

 

It should then ask you for a password and re-verification of the password.

 

This will be the password for the local user.

 

 

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.

invalid command..

Did you try it from the config mode?

 

Example:

 

(A_RAK)(config)# mgmt-user A_RAK root

 

 

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.

yes i did maybe it does not work on an aruba switch 2530

This should work

 

aaa authentication local-user <username> // from config mode

 

 

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.

nope also does not work :( 

The full command is as follows.

 

(config)#aaa authentication local-user <USER> group <groupname> password plaintext

 

Refer to the security access guide for the command optimization and features. (Page 244)

 

https://h20628.www2.hp.com/km-ext/kmcsdirect/emr_na-a00050234en_us-3.pdf

 

 

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.

yes i can add the user and log in but i have no rights to execute any commands

You can use the following, adjust accordingly (e.g Group, Plaintext etc).

 

HP-2530-8G-PoEP(config)# aaa authentication local-user [test] group [operator] password plaintext
New password for test: ********
Please retype new password for test: ********

whats the command to add the local user to the manager role so i can do al the command via cli?

(config)#password manager user-name <name> plaintext

thats just a command to change the username for the manager user. I want to add a new local user with the same rights as a manager user.

A local user will not have write access.

What you are asking is not possible AFAIK.

If the intention here is to create a username and password for an administrator with write access.

You could configure an operator with write access to your switch.

Hello A_RAK, 

 

can you please explain me how do that? 

Basically need to add more then one administrator on the switch. 

 

Regards

Antonello

Refer to chapter 3 from the security access guide.

 

https://www.google.com/url?sa=t&source=web&rct=j&url=https://h20628.www2.hp.com/km-ext/kmcsdirect/emr_na-a00050234en_us-3.pdf&ved=2ahUKEwiLjtHPoeXoAhWsGTQIHZdvBWMQFjAAegQIBRAC&usg=AOvVaw3GMutfBfaWy6jlGXUqU1-S

 

 

Hi.

 

You can try using the following command to add a new user:

 

aaa authentication local-user admin-user group Level-15 password plaintext

 

The group will define the user's permissions. Level-15 is one of the default groups available. You can create your own group if you need to assign different permissions to the user.

 

Use the "show authorisation group" command to list the groups configurations.

Hello Minondas, 

 

thx for the replay, I tried with the command and I got tos error: 

Authorization group Level-15 does not exist.

 

Here the result of sh authorization group:

Local Management Groups - Authorization Information

Group Name : default-security-group
Group Privilege Level : 19

Users
----------------
admin-user

Seq. Num. | Permission Rule Expression Log
---------- + ---------- ------------------------------------------ -------
1 | Permit security-log Disable

 

If I create a user with this group I can login, but I cannot issue any command. 

How can I create a new privile-15 group?

 

Regards

Antonello

H amoneta,

 

Try creating the group with the following commands?

 

#aaa authorization group admin-group 10 match-command configure.* permit

#aaa authorization group admin-group 20 match-command .* permit

 

 

 

Hello  LPcarvalho, 

 

thank you, it si working for ssh access, but I cannot accesso to the web with this new user. I need to enable access to the WEBGUI and how? 

 

Thank you again. 

 

Regards.

or use a external server (like RADIUS or TACACS server)