AsterNOS-local_user

22 min

this chapter provides examples on how to use netconf to manage local user configurations on asternos devices create new local user request example to create a local user via edit config \<config> \<top> \<users operation="create"> \<user> \<name>test11\</name> \<password>123456\</password> \</user> \<user> \<name>test12\</name> \<password>123456\</password> \</user> \<user> \<name>test13\</name> \<password>123456\</password> \</user> \</users> \</top> \</config> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid\ f78def8c 1164 4ec8 9af5 c204eecd7420"> \<ok/> \</rpc reply> remove specified local user request example to remove a local user via edit config \<config> \<top> \<users> \<user operation="delete"> \<name>test1\</name> \</user> \</users> \</top> \</config> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid\ a4170319 d410 44bc 86da 7461fc38c790"> \<ok/> \</rpc reply> change the password of local user request example to change password of local user via edit config \<config> \<top> \<users> \<user operation="merge"> \<name>test11\</name> \<password>987654\</password> \</user> \</users> \</top> \</config> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid\ a02b9a72 4c2c 450f 8849 00d04c8440df"> \<ok/> \</rpc reply> get current local users request example to get all local user via get config \<filter type="subtree"> \<top> \<users> \</users> \</top> \</filter> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid\ dfd92f28 43c4 4178 adae f6461d9aaa68"> \<data> \<top> \<users xmlns="http //asterfusion com/ns/yang/asternos local user"> \<user> \<name>global\</name> \</user> \<user> \<name>admin\</name> \</user> \<user> \<name>test11\</name> \<password>$y$j9t$rortomc5ilbs 8afyloz $phbktpm9lwe0jpoccjglznihv ag0m9dmy18o6uvao4\</password> \</user> \<user> \<name>test12\</name> \<password>$y$j9t$ikrcrqxvlwm/thasnwrqj $n/kxpb9kgk9bte90vpdhzq4mcl8tzaa800u76onva/8\</password> \</user> \<user> \<name>test13\</name> \<password>$y$j9t$rhogqibizpsjfexsz7can0$cwswcmzzrrahbrnx8tcl10te2e4cxlu3tri0zsj03e6\</password> \</user> \</users> \</top> \</data> \</rpc reply> get local user policy note the default retry count is 5, default block time is 5 minutes request example to get local user policy via get config \<filter type="subtree"> \<top> \<local user policy> \</local user policy> \</top> \</filter> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid\ e3d1c2c1 233a 4b93 ad86 10bd9a4e29ca"> \<data> \<top> \<local user policy xmlns="http //asterfusion com/ns/yang/asternos local user"> \<retry count>5\</retry count> \<block time>5\</block time> \</local user policy> \</top> \</data> \</rpc reply> update local user policy request example to update local user policy via edit config \<config> \<top> \<local user policy operation="merge"> \<block time>6\</block time> \<retry count>3\</retry count> \</local user policy> \</top> \</config> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid\ f802f146 d847 4a30 970c d79a10f7b0aa"> \<ok/> \</rpc reply> remove local user policy note you can lift the security restrictions on local users by delete the local user policy resource request example to delete local user policy via edit config \<config> \<top> \<local user policy operation="delete"> \</local user policy> \</top> \</config> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid\ b0d79773 a804 4f65 8477 aed47a51167a"> \<ok/> \</rpc reply> get local password policy note the default local password policy is disabled local password policy doesn't support delete operation request example to get local user policy via get config \<filter type="subtree"> \<top> \<local password policy> \</local password policy> \</top> \</filter> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid 7fb20a34 ed8c 45c9 a88d 7d13621220d0"> \<data> \<top> \<local password policy xmlns="http //asterfusion com/ns/yang/asternos local user"> \<enabled>false\</enabled> \</local password policy> \</top> \</data> \</rpc reply> update local password policy request example to update local user policy via edit config \<config> \<top> \<local password policy operation="merge"> \<enabled>true\</enabled> \<min len>9\</min len> \<min lowercase>1\</min lowercase> \<min uppercase>1\</min uppercase> \<min digits>1\</min digits> \<min special chars>1\</min special chars> \</local password policy> \</top> \</config> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid 2c283000 462d 4388 8de9 0cc990bd3b88"> \<ok/> \</rpc reply> show local user block configurations request example to show local user block configurations via rpc show users block conf \<show users block conf/> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid 17d082ab c5d8 48a8 a1e9 afd363d743c7"> \<data> \<local user policy> \<retry count>3\</retry count> \<block time>6\</block time> \</local user policy> \</data> \</rpc reply> shows information of local users blocked request example to show users blocked via rpc show users blocked \<show users blocked/> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid 4c1dce48 7990 48e9 ae30 52ad9fa0d551"> \<data xmlns="http //asterfusion com/ns/yang/asternos local user"> + + + + + \| login | failures | latest failure | from | +=========+============+=====================+===============+ \| test11 | 3 | 2025 09 26 09 14 04 | 192 168 17 96 | + + + + + \</data> \</rpc reply> shows information of local users blocked request example to show users brief via rpc show users brief \<show users brief/> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid 3f188774 21a8 4ae2 b668 9acb0db396e8"> \<data xmlns="http //asterfusion com/ns/yang/asternos local user"> + + + + + + \| user | online | blocked | login ip | login time | +========+==========+===========+===============+==============+ \| admin | yes | no | 192 168 17 54 | sep 28 03 53 | + + + + + + \</data> \</rpc reply> shows information of local users password control request example to show local users password control via rpc show users password control \<show users password control/> response example \<rpc reply xmlns="urn\ ietf\ params\ xml\ ns\ netconf\ base 1 0" message id="urn\ uuid 6d8b52cd 2859 481f bee8 c4a476cd5f2c"> \<data> \<local password policy> \<state>enabled\</state> \<min len>9\</min len> \<min lowercase>1\</min lowercase> \<min uppercase>1\</min uppercase> \<min digits>1\</min digits> \<min special chars>1\</min special chars> \</local password policy> \</data> \</rpc reply>