Method used to delete unnecessary accounts from the USG2000&5000 series

50

1. Check the device accounts and identify unnecessary ones.

display local-user
----------------------------------------------------------------------------
Username
State Type CAR Access-limit Online L2TP-IP Vpn-instance
----------------------------------------------------------------------------
admin
Active PWTM Dft No 4 --- public
----------------------------------------------------------------------------
Total 1,1 printed
2. Delete unnecessary accounts.

[sysname] aaa
[sysname-aaa] undo local-user user-name

Other related questions:
Method used to delete unnecessary accounts from the USG6000
1. Check the device accounts and identify unnecessary accounts to be deleted. display manager-user ---------------------------------------------------------------------------- Username State Type CAR Access-limit Online L2TP-IP ---------------------------------------------------------------------------- admin Active PWTM Dft No 4 --- ---------------------------------------------------------------------------- Total 1,1 printed 2. Delete unnecessary accounts. [sysname] aaa [sysname-aaa] undo manager-user user-name

Login method if the account and password are forgotten for the USG2000&5000 series
Upon the factory delivery, default administrator account admin and password Admin@123 are provided for the access to the USG2000&5000 series in three modes: Telnet, web UI, and console port.

Creating accounts with different permissions on the USG2000&5000
Create accounts with different permissions on the USG2000&5000 as follows: 1. Perform as follows to create services of different permissions in the CLI: system-view Enter system view, return user view with Ctrl+Z. [USG5100]aaa [USG5100-aaa]local-user admin service-type ? dot1x 802.1X user ftp FTP user ppp Indicate PPP user ssh SSH user telnet Telnet user terminal Terminal user web Web authentication user //This indicates service permissions that can be allocated to the user.// [USG5100-aaa]local-user admin service-type telnet web //This indicates allocating web and Telnet access permissions to the admin account.//

Login method of the USG2000&5000 series
The USG2000&5000 series supports login through the console port, web UI, Telnet, and SSH.

Method used to process user expiration for the USG2000&5000 series
The account expiration time can be configured on the device. An expired account cannot be used for login. However, the NGFW does not force online users offline after their accounts expire. To activate an expired account, prolong the validity period or set the expiration date to never. system-view [sysname] user-manage user test [sysname-localuser-test] expire-time 2015/12/31

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top