Contents

1   Introduction

This document describes how to change attributes in an existing local Operation and Maintenance (O&M) user account.

1.1   Prerequisites

This section describes the prerequisites, which must be fulfilled before using the procedure.

1.1.1   Conditions

The following conditions must apply:

• The user has sufficient access rights to perform the task, for example, the user has System Security Administrator role.
• The user is familiar with the security policy of the organization.
• An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.
• The password policy is known.
• The account policy is known.
• The username (logon ID) for the new local user account is known. In this document, username is joedoe.
• User account for the username exists.

2   Procedure

To change a local O&M user account:

1. Navigate to the UserAccount Managed Object (MO), for example:

   >dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LocalAuthenticationMethod=1,UserAccountM=1,UserAccount=joedoe

2. Enter Config mode:

   (UserAccount=joedoe)>configure

3. Is it required to change account policy for the user account?

   Yes: Continue with next step.

   No: Proceed with Step 5.

4. Change the account policy for the user account, by setting the reference to the appropriate AccountPolicy MO, for example:

   (config-UserAccount=joedoe)>accountPolicy="ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LocalAuthenticationMethod=1,AccountPolicy=2"

5. Is it required to change password policy for the user account?

   Yes: Continue with next step.

   No: Proceed with Step 7.

6. Change the password policy for the user account, by setting the reference to the appropriate PasswordPolicy MO, for example:

   (config-UserAccount=joedoe)>passwordPolicy="ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LocalAuthenticationMethod=1,PasswordPolicy=2"

7. Is it required to change username assigned to the user?

   Yes: Continue with next step.

   No: Proceed with Step 9.

8. Change the full username assigned to the user, for example:

   (config-UserAccount=joedoe)>userName="John Matthew Doe"

   Note:  

   This attribute contains a descriptive name of the user, not the logon ID.

   
   
9. Commit the settings:

   (config-UserAccount=joedoe)>commit

10. Verify the settings, for example:

    (UserAccount=joedoe)>show -v

    The following is an example output:

    UserAccount=joedoe accountPolicy="ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,⇒ UserManagement=1,LocalAuthenticationMethod=1,AccountPolicy=2" accountState=LOCKED <read-only> accountUsageState=UNUSED <read-only> administrativeState=LOCKED lastLoginTime="" <read-only> lockedTime="2015-11-13T11:16:19Z" <read-only> passwordChangedTime="" <read-only> passwordFailureTimes=[] <empty> <read-only> passwordPolicy="ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,⇒ UserManagement=1,LocalAuthenticationMethod=1,PasswordPolicy=2" passwordState=[] <empty> <read-only> roles ”SystemAdministrator” ”EricssonSupport” userAccountId="joedoe" userLabel=[] <empty> userName=”John Matthew Doe”