< Home

Common Operations After Login

Displaying Online Users

After logging in to a switch, you can view information of users logged in to each user interface.

Run the display users [ all ] command to view information of users logged in to interfaces.

Clearing Online Users

You can disconnect an online user from a switch by clearing the user on the corresponding user interface.

  1. Run the kill user-interface { ui-number | ui-type ui-number1 } command to clear an online user.
  2. Run the display users command to view information about users logging in to a switch.

Setting a Password for Switching User Levels

To run commands of levels higher than your user level, you need to switch to a higher user level. A password must be set for switching user levels.
  1. Run the system-view command to enter the system view.
  2. Run the super password [ level user-level ] [ cipher password ] command to set a password for switching user levels.
On networks that do not require high security, you can disable complexity check for passwords used to switch a user from a low user level to a higher one.
  1. Run the system-view command to enter the system view.
  2. Run the super password complexity-check disable command to disable complexity check for passwords used to switch a user from a low user level to a higher one.

    For device security purposes, do not disable the password complexity check function and change the password periodically.

Switching User Levels

You need to enter a password when switching from a low user level to a higher one.
  1. Run the super [ level ] command to switch to a higher user level.
  2. Enter the password as prompted.

    If the password is correct, you will switch to a higher user level. If you enter incorrect passwords three consecutive times, the system returns to the user view and the user level remains unchanged.

    If a user is switched to a higher user level using the super command, the system generates a trap and records the event in a log. If a user is switched to a lower user level, the system only records the event in a log.

    Huawei switches use the combination of user name, password, and level to control users' operation rights. If you use the super command to switch user levels, this right control method will become invalid. Moreover, any user can use the super password of a higher level to obtain high-level operation rights. Therefore, you are not advised to use the super command to switch user levels.

Locking Configuration Rights

When multiple users log in to the system to perform configurations at the same time, configurations may conflict and services may be interrupted. To prevent this from occurring, configure exclusive configuration rights to ensure that only one user can perform configurations at a time.

  1. Run the configuration exclusive command to lock configuration rights for the current user.

    After you run the command, the configuration rights are exclusive to the current user and other users do not have configuration rights.

    If configuration rights are locked, a message is displayed when you attempt to lock the configuration rights again.

    This command applies to all views.

    Run the display configuration-occupied user command to check information about the user for whom configuration rights are locked.

  2. Run the system-view command to enter the system view.

  3. (Optional) Run the configuration-occupied timeout timeout-value command to set the timeout period for locking configuration rights.

    This command specifies the maximum period for locking configuration rights when no configuration command is run. After the specified period times out, the system automatically unlocks the configuration rights and other users can perform configurations.

    The default timeout period is 30 seconds.

Sending Messages to Other User Interfaces

You can send messages from the current user interface to other user interfaces.

  1. Run the send { all | ui-number | ui-type ui-number1 } command to enable message exchange between user interfaces.
  2. Enter the message to send as prompted. Press Ctrl+Z or Enter to end message input and press Ctrl+C to end the current operation.
  3. At the system prompt, enter Y to send the message and N to cancel message sending.

Locking a User Interface

When you need to temporarily leave the operated terminal, lock the user interface to prevent unauthorized users from operating the terminal.

  1. Run the lock command to lock the user interface.
  2. Enter the lock password and confirm password as prompted.
    <HUAWEI> lock
Please configure the login password (8-16)
Enter Password:
Confirm Password:
Info: The terminal is locked.

    After you run the lock command, the system prompts you to enter the lock password and confirm password. If the two passwords are the same, the current interface is locked successfully.

    By default, the minimum length of passwords in plain text allowed by a switch is 8 characters. You can set a longer password to increase password complexity and improve device security. Run the set password min-length length command to set the minimum length of passwords in plain text allowed by the switch.

    To unlock the user interface, you must press Enter and enter the correct login password as prompted.

Executing User-View Commands in the System View

Some commands need to be executed in the user view. To facilitate user-view command execution, you can perform the following configuration. After the configuration is complete, you can execute user-view commands directly in the system view, without the need to switch views.

  1. Run the system-view command to enter the system view.
  2. Run the run command-line command to allow the execution of user-view commands in the system view.

    By default, the system does not allow the execution of user-view commands in the system view.

Parent Topic: CLI Login Configuration
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >