Contents

1   Description

This instruction describes how to change attributes in the specific Administrator account that is used for initial and recovery scenarios when authentication to regular Operation and Maintenance (O&M) accounts is inaccessible.

2   Procedure

2.1   Change Administrator Account

Prerequisites

• No documents are required.
• No tools are required.
• The following conditions must apply:
  • The user has sufficient access rights to perform the task, for example, the user has System Security Administrator role.
  • The user is familiar with the security policy of the organization.
  • An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.
  • The PasswordPolicy Managed Object (MO) is known.

Steps

1. Navigate to the AdministratorAccount MO, for example:

   >dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LocalAuthenticationMethod=1,AdministratorAccount=la-admin

2. Enter Config mode:

   (AdministratorAccount=la-admin)>configure

3. Set the AdministratorAccount attributes according to operators password policy, for example:

   (config-AdministratorAccount=la-admin)>passwordMaxFailure=5

4. Commit the settings:

   (config-AdministratorAccount=la-admin)>commit

5. Verify the settings:

   (AdministratorAccount=la-admin)>show -v

   The following is an example output:

   AdministratorAccount=la-admin administratorAccountId="la-admin" lastLoginTime="" <read-only> passwordChangedTime="" <read-only> passwordFailureCountInterval=86400 <default> passwordFailureTimes <read-only> "" passwordHistoryLength=12 <read-only> passwordMaxFailure=5 passwordMinLength=12 <read-only> passwordQuality="ManagedElement=NODE06ST,⇒ SystemFunctions=1,SecM=1,UserManagement=1,⇒ LocalAuthenticationMethod=1,PasswordQuality=1"