Ability to add secret password to local usernames 2511

Similar Messages

• 3750X Prompts for Device/Enable Password Instead of Local Username/Password

  I've got two 3750X switches that were built from a fairly basic template from my existing 3750/3560 switches. However, these new switches ONLY prompt for the device/enable passwords instead of the configured local username/password when connecting by console/telnet/ssh. Here's the config that I think is relevant, sans password strings. Only real difference is that the new switches are running an IOS 15.2 build, the 3750 switches are running 12.4, and the 3560 is currently running 15.0 (pending an update).
  enable secret 5 string
  username Administrator privilege 15 secret 5 string
  line con 0
   password 7 string
   login local
  line vty 0 4
   password 7 string
   login local
   length 0
  line vty 5 15
   password 7 string
   login
   length 0
  Any way to correct this?
  Thanks!

  usually you need "login local" under all the vty lines in order to authenticate locally unless you use ACS server for authentication.
  HTH

• Local Username and Password

  I have AAA running on my router and I can authenticate/authorize using the ACS server. I wanted test my config so I turned off the ACS server and tried logging in using the local username and password, I authenticate fine but then I get %Authentication failed. And then the username prompt comes up. This concerns me because I have to have a back door into my routers in case the ACS server goes down for whatever reason.

  I am sorry it does say AUTHORIZATION FAILED. I am also posting my config.
  Building configuration...
  Current configuration : 1384 bytes
  version 12.2
  service timestamps debug uptime
  service timestamps log uptime
  service password-encryption
  hostname BIZNESS
  aaa new-model
  aaa authentication login default group tacacs+ local
  aaa authorization exec default group tacacs+ local
  aaa authorization commands 5 default none
  enable password xxx
  username xxx password xxx
  ip subnet-zero
  call rsvp-sync
  interface FastEthernet0/0
  ip address 165.x.x.x 255.255.255.0
  duplex auto
  speed auto
  interface Serial0/0
  no ip address
  shutdown
  ip classless
  no ip http server
  menu ADMIN1 prompt ^CSELECT AN OPTION PUNK^C
  menu ADMIN1 text 1 SHO IP INTERFACE BRIEF
  menu ADMIN1 command 1 SHOW IP INTERFACE BRIEF
  menu ADMIN1 text 2 SHOW INTERFACE FA0/0
  menu ADMIN1 command 2 SHO INT FA0/0
  menu ADMIN1 text 3 SHOW RUN INTERFACE FA0/0
  menu ADMIN1 command 3 SHOW RUN INT FA0/0
  menu ADMIN1 text 4 SHOW ARP
  menu ADMIN1 command 4 SHOW ARP
  menu ADMIN1 text 5 EXIT
  menu ADMIN1 command 5 LOGOUT
  tacacs-server host 165.110.30.15 key 7 00071A1507545A545C
  tacacs-server directed-request
  dial-peer cor custom
  privilege exec level 5 show ip interface brief
  privilege exec level 5 show interface fa0/0
  privilege exec level 5 show show run interface fa0/0
  privilege exec level 5 show show arp
  line con 0
  line aux 0
  line vty 0 4
  password xxx
  end

• AAA confusion - local username access

  Hey all,
  I am a little confused.
  I have the following commands on my device:
  username blah privilege 15 secret 5 blah!@#$%%
  aaa new-model
  aaa authentication login default group tacacs+ local
  aaa authentication enable default group tacacs+ enable
  aaa authorization config-commands
  aaa authorization commands 0 default group tacacs+
  aaa authorization commands 15 default group tacacs+ local
  aaa accounting exec default start-stop group tacacs+
  aaa accounting commands 0 default stop-only group tacacs+
  aaa accounting commands 15 default start-stop group tacacs+
  aaa accounting connection default start-stop group tacacs+
  Everything works fine.
  However when I bring down the TACACS server I am able to login into the device with the local username but it fails when I enter the enable command. How can I have access when in case of emergency that TACACS fails? I have researched online and have tried multiple commands. Is there anything I am missing? I do have an enable secret password configured as well. But don't even get a chance to enter. when entering "en" at > prompt:
  % Authentication failed.
  Thanks in advance for your help.
  My testing has led to frustration.

  Hi Geo,
  First please give the fall back method for command 0.
  aaa authorization commands 0 default group tacacs+
  add local
  aaa authorization commands 0 default group tacacs+ local
  Make sure you are putting in right enable password, try to reset it and give it a shot.
  If issue is there then get the output of debug tacacs and debug aaa authentication
  Regards,
  ~JG
  Do rate helpful posts

• Can not add Domain User to Local Admin Group Win8.1

  Hello, 
  I am trying to add a domain user to the local admin account on a Win8.1 Enterprise computer. When I click the check name button it asks me to enter network credentials even though I am signed in to the computer with a domain admin account. When I try to
  type in any of my domain admin accounts it says "The Username or Password is incorrect". Even though I used that same account to login with. I can successfully ping all 3 of my DCs from the computer and have tried putting my second DC as the primary
  DNS and my third DC as the primary DC and same problem. I have checked for Active Directory errors on the DC and everything says it is running fine on the DC in server manager. I have this problem on multiple computers. Some of the computers it will work on
  but 90% of them it won't allow me to add the local user to the local admin group. 
  DCs are running Win Server 2008 R2 Enterprise. 
  Any help would be greatly appreciated. 
  Thank You

  I would suggest you to use Restricted Group(via GPO) to add domain users/group to a local admins group 
  1)Create a new group in Active Driectory
  Create a new group in Active Driectory that you wish to add to every workstations local administrator group. DO NOT add any users to this group at this time.
  2.
  Create a new GPO
  Create a new group policy object and link it to the desired OU. Make sure that the GPO you are using covers the OU that the WORKSTATIONS you are wanting to give users local administrative rights over.
  3.
  Edit the newly created GPO
  Navigate within the newly created GPO to Computer Configuration -> Policies -> Windows Settings -> Security Settings --> Restricted Groups
  4.
  Add your new Active Directory group to the Restricted Group
  Right-click the Restricted Groups folder and select "Add Group" to add your new Active Directory group to the Restricted Group. In the Group field, type the name of the newly created Active Directory group and click "OK"
  5.
  Add the Restricted Group to the local administrator group
  In the Restricted Group Properties windows click "Add" under the section titled "This group is a member of:" Type "Administrators" (without the quotes and yes it is plural), in the Group Membership window and click "OK"
  6.
  Wait for GPO updates to apply to the workstations
  Once your users receive their updated group policy settings every workstation within the OU you specified will have your new Active Directory group as a member of the local administrators group. If you need to force the GPO update on a specific workstation,
  run "gpupdate /force" in a command window on that workstation.
  7.
  Add a user or group of users to the Active Directory Restricted Group
  When you are ready, or in a position where you need to provide local workstation admin rights you can simply add the users or group of users to the Active Directory group that you created for use with Restricted Groups within your Active Directory Management
  Console.

• How do I add a password to my list?

  when i go to the PayPal site i am not asked if I want to save password. How do I add my password and the paypal web to my list of passwords?

  Hey art4750,
  Go to ''Tools >Options >Security'' tab. First I would check to be sure that you haven't set paypal as an exception to not remember your password.
  There is a lot of useful information in this article about the [https://support.mozilla.com/en-US/kb/make-firefox-remember-usernames-and-passwords?s=password+manager&r=1&as=s Firefox Password Manager]. It should answer any other questions you might have.
  You can also remove the cookies from that site to make the site forget you if you've created a remember me cookie by going to ''Tools > Options > Privacy > Cookies: "Show Cookies" ''
  Hopefully this helps!

• Is there any way to add a password to the guest account?

  We use a computer reservation system for public computers in my library.  I would love to have the functionality of the guest account so the account is wiped after every log out. 
  The problem with our reservation system is, it requires an account with a password for the system to work properly.  So for the past year, I have been running a standard user account with 3rd party software to lock out the ability to permently change anything on the system.  The problem with this is, it retains any changes users make until the system is restarted, not logged out.  So by the end of a 12 hour day the machine can be pretty screwed up if it hasn't been restarted at some point.
  The Guest Account is exactly what I want, but if I can't find a way to add a password to it there is no way for my reservation system to use it.

  You could write a shell script to do that and run it on logout via a logout hook:
  http://seeskill.wordpress.com/2012/02/23/mac-os-x-login-and-logout-scripts-demys tified/
  https://developer.apple.com/library/mac/#documentation/MacOSX/Conceptual/BPSyste mStartup/Chapters/CustomLogin.html#//apple_ref/doc/uid/10000172i-SW10-BAJCGEGG
  I can't be of much help writing such a script. Apple also cautions against such scripts since due to the fact that they run as root they're a security risk. Apple recommends using launchd, something which I have no experience with, but I found a presentation on the basics here that might help:
  http://www.macos.utah.edu/documentation/operating_systems/launchd.html
  I don't know of any other way to remove user documents and settings automatically on logout.
  Regards.

• ASDM Access and local username/PW

  Ok, I happened upon this today and thought it was a bit weird. We have a pair of ASA5520 as our primary firewalls.
  We are using EasyVPN,and the usernames authenticate via the local username / PW configured on the firewall. All of these usernames have Privilege 0, however, these usernames are able to log into the firewall via SSH, AND when I use one of them to log into ASDM, they can go in and make config changes. I don't like that.I'm sure you can see why... How do I make it so that only my level 15 priv username can get logged in via ASDM? I've looked into AAA command authorization, but I don't see how that would apply to ASDM access.
  Firewall setup:
  aaa authentication http console LOCAL
  aaa authentication ssh console LOCAL
  aaa authentication enable console LOCAL
  username user password password priv 15
  username user1 password password1 priv 0
  username user2 password password2 priv 0
  username user3 password password3 priv 0

  To achieve this you need to enable authorization.
  aaa authorization command LOCAL
  Let me know if you have any questions.
  Regards,
  ~JG
  Do rate helpful posts

• Hello, I just purchase Adobe Premier elements 12. I installed it but the only problem is when I try to open "new project" it tells me I have to put my password in and username for the first seven days of installation, but when I do that the project never

  Hello, I just purchase Adobe Premier elements 12. I installed it but the only problem is when I try to open "new project" it tells me I have to put my password in and username for the first seven days of installation, but when I do that the project never opens, it just has the loading bar loading and then it stops, so I have no idea wat the problem is, please help

  new project help
  What computer operating system is your Premiere Elements running on?
  Have you gone through the typical drills of
  1. Latest version of QuickTime installed on your computer with Premiere Elements?
  2. Running program from User Account with Administrative Privileges as well as from Run As Administrator applied to the desktop icon
  with right click of the icon, followed by selecting Run As Administrator?
  3. Does problem exist with and without the antivirus and firewall(s) disabled?
  4. Even though the Premiere Elements 12 Editor will not open, can you open the Elements Organizer 12?
  If Yes to all of the above, please review the following for a possible solution...
  ATR Premiere Elements Troubleshooting: PE12: Premiere Elements 12 Editor Will Not Open
  Please review and consider the above and then we can decide what next which might include trying to open
  the program directly from the .exe files.  (If Windows 7, 8, or 8.1 64 bit, Local Disk C\Program Files\Adobe\
  Adobe Premiere Elements 12\ and in the Adobe Premiere Elements 12 Folder are the Adobe Premiere Elements 12.exe
  and Adobe Premiere Elements.exe files. Double click the Adobe Premiere Elements .exe file to try to open the project.)
  We will watching for your results.
  ATR

• I am getting the message that my email password and/or username is not correct. It is correct! I am the only one who cannot send or receive emails...I am the only one using a mac.

  I am getting the message that my email password and/or username is not correct. They are both correct! I am the only one who cannot send or receive emails...I am the only one using a mac. i use mac mail and it is my companies server. I took my computer and iPhone to the Apple store...4 hours later they said that couldn't figure out why it wasn't working.  Any suggestions???? I am also not able to log into the C-Panel...

  Same here! Happened yesterday to me on New iPad and iPhone 4S. On iPad I managed to correct it by removing the account and activating it again as an Exchange account...I have mail and calendar OK!
  On the iPhone nothing seems to  work!
  Facts:
  1. everything worked perfectly for years!
  2. I have the 2-step authentication deactivated  on my google account so it cannot be this one.
  3. On desktop everything works just fine, on iPad everything is OK with Exchange account added (after Google removed support for Exchange account access I CAN ONLY HAVE ONE DEVICE with Google Exchange account, so doing the same on the iPhone does not work!)
  4. Tried to remove and add the account again - no results.
  5. Tried to remove and add as Google, as Exchange, as Other account - I get calendar but no mail!!!
  6. Tried to reboot between remove/add accounts - no results.
  7. Tried to ("reset settings") reset the device - no results.
  8. Tried to add as POP account and I it worked - I get mail but I do not need POP as I am using zounds of mail with labels and need to be working on an IMAP account
  9. To make things even more complicated...I have another account which works perfectly!!!!!
  Anyone out there having a clue?

• How to add "reset password" to login page

  Hi,
  I am new to HTMLDB. I created a login page which ask for username/password. How can I add "reset password" to the login page so that the user can change the password when login to the application. Thanks for your help.

  hi Bunty,
  For that pasword input feild first select in the webdynpro screen, goto  properties tab , in that you find one option called passwordField , set it true.
  this will solve your problem
  Regards
  Govardan Raj

• How do I add a password to my list after leaving the site requiring one?

  After establishing my ID and password for a shopping site, and Firefox did not automatically ask if I wanted it saved (and I did not say "Never for this site") how can I add the password to my list so that it automatically fills in next time I visit that site?

  See http://kb.mozillazine.org/User_name_and_password_not_remembered

• When creating a fillable PDF form can I add a password to only selected fields?

  I am creating a fillable form which will require data entry from several different people before being returned to my office. There are certain fields on the form that need to be restricted to personnel in my office only. I have tried to accomplish this restriction many different ways but have been unsuccessful.
  The closest I have come to accomplishing this restriction is by adding a "For HRO Only" button which I can use to hide certain fields from personnel outside of my office and unhide the text field when the button is clicked. This would be perfect if I could add a password to the button. Unfortunately this is either not possible or I haven't figured out how to do it which means that personnel outside of my office can still access the fields with a click of a button.
  The only other way I have thought of to accomplish this restriction is to mark those fields as "read only" but it seems as though it would be very time consuming for personnel in my office to complete the form due to the fact that they would have to open "edit form",  open the properties for each field requiring their input, and uncheck "read only" for each one.
  Any help/options/ideas you can provide will be greatly appreciate. Thank you!

  Thank you so much for the quick response. This will be a huge help! I hate to be a bother, but can you tell me the steps to create the script or give me a reference/resouce to use? I have used adobe products quite a bit, but this is my first time creating a PDF Fillable Form that will be distributed for use by several people so I am a little lost.
  Also, I seem to be running into one more problem that I am hoping you can help me figure out. On the form there is a question for the recipient  to answer by checking one of two boxes, yes or no. Depending on the answer an action is initiated. This feature works perfectly, however the issue is that when the recipient choses "yes" he/she is directed to fill out four additional fields that I currently have set as "required", but when the recipient choses "No" the four additional fields are hidden yet still required. This becomes an issue when the recipient has completed the form and tries to submit the form. An error message pops up notifying the user there are required fields that are empty and must be completed before submission.
  My thought is (in a perfect world) one of these two options would be ideal:
  1. When the "No" option is chosen the four additional fields are changed from required to not required, or
  2. When the "No" option is chose the four additional required fields are autopopulated with NA.
  Either remedy would work just fine, however I am open to suggestions... Again thank you so much for your help with my previous question and thank you in advance for any information/help/advice you can provide in regards to my second question. 

• I would like to add a password to the saved passwords list.

  I would like to add a password to Firefox's saved passwords but I can find no way to manually do this. The site does allow password saving, but Firefox does not prompt me to "Remember, Never Remember or Not Now" when I go to log in. The site is not listed on the "remembered passwords - exceptions" list. I do not know whether I have clicked "Never Remember" on a previous visit. Any help would be appreciated! Thank you.

  Do you get that prompt on other sites if you try to store a password?
  Did you check that the website isn't using autocomplete=off ?
  http://kb.mozillazine.org/User_name_and_password_not_remembered (bookmarklet)
  http://kb.mozillazine.org/Password_Manager
  Can you post link?

• Can I add a password to a PDF portfolio created from multiple emails?

  Hi,
  Does anyone know how I can add a password to a PDF portfolio that I created by converting several emails into a PDF?
  Thanks in advance for your invaluable help!
  -Matt

  When viewing a Portfolio the classic Tools Pane is not visible, so you cannot apply security in the usual way.
  Instead, open the properties dialog (menu > File > Portfolio Properties) and select the Security tab. Change the dropdown field to "password security" and the dialog box will appear to enter the permissions information.