You are here: Home > CLI Commands > Just_CLI_Topics > local-userdb add

local-userdb add

local-userdb add

generate-username {generate-password|password <passwd>}

comments

email

expiry

guest-company

guest-fullname

guest-phone

mode

opt-field-1

opt-field-2

opt-field-3

opt-field-4

remote-ip

role

sponsor-dept

sponsor-email

sponsor-fullname

sponsor-name

start-time

username <name> {generate-password|password <passwd>}

comments

email

expiry

guest-company

guest-fullname

guest-phone

mode

opt-field-1

opt-field-2

opt-field-3

opt-field-4

remote-ip

role

sponsor-dept

sponsor-email

sponsor-fullname

sponsor-name

start-time

Description

This command creates a user account entry in Mobility Master’s internal database.

Syntax

Parameter

Description

Range

Default

generate-username

Automatically generate and add a username.

username

Add the specified username.

1–64 characters

generate-password

Automatically generate a password for the username.

password

Add the specified password for the username.

6–128 characters

comments

Comments added to the user account.

email

Email address for the user account.

expiry

Expiration for the user account. If this is not set, the account does not expire.

no expiration

duration

Duration, in minutes, for the user account.

1–2147483647

time

Date and time, in mm/dd/yyyy and hh:mm format, that the user account expires.

guest-company

Name of the guest’s company.

NOTE: A guest is the person who needs guest access to the company’s Aruba wireless network.

guest-fullname

The guest’s full name.

guest-phone

The guest’s phone number.

mode

Enables or disables the user account.

disabled

opt-field-1

This category can be used for some other purpose. For example, the optional category fields can be used for another person, such as a “Supervisor.” You can enter username, full name, department and Email information into the optional fields.

opt-field-2

Same as opt-field-1.

opt-field-3

Same as opt-field-1.

opt-field-4

Same as opt-field-1.

remote-ip

IP address assigned to the remote peer.

role

Role for the user. This role takes effect when the internal database is specified in a server group profile with a server derivation rule. If there is no server derivation rule configured, then the user is assigned the default role for the authentication method.

guest

sponsor-dept

The guest sponsor’s department name.

NOTE: A sponsor is the guest's primary contact for the visit.

sponsor-email

The sponsor’s email address.

sponsor-fullname

The sponsor’s full name.

sponsor-name

The sponsor’s name.

start-time

Date and time, in mm/dd/yyyy and hh:mm format, the guest account begins.

Usage Guidelines

When you specify the internal database as an authentication server, client information is checked against the user accounts in the internal database. You can modify an existing user account in the internal database with the local-userdb modify command, or delete an account with the local-userdb del command.

By default, the internal database in Mobility Master is used for authentication. Issue the aaa authentication-server internal use-local-switch command to use the internal database in a managed device; you then need to add user accounts to the internal database in the managed device.

Example

The following command adds a user account in the internal database with an automatically-generated username and password:

(host) [mynode] #local-userdb add generate-username generate-password expiry duration 480

The following information is displayed when you enter the command:

GuestConnect

Username: guest4157

Password: cDFD1675

Expiration: 480 minutes

Related Commands

Command

Description

show local-userdb

Use this command to show the parameters displayed in the output of this command.

show local-userdb-guest

Use this command to show the parameters displayed in the output of the local-userdb-guest add command.

mgmt-user

Use the webui-cacert <certificate name> command if you want an external authentication server to derive the management user role. This is helpful if there are a large number of users who need to be authenticated.

Use the mgmt-user webui-cacert <certificate_name> serial <number> <username> <role> command if you want the authentication process to use previously configured certificate name and serial number to derive the user role.

Command History

Release

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

License

Command Mode

All platforms

Base operating system.

Enable mode on Mobility Master.

/*]]>*/