340
undo password-control aging
Default
A password expires after 90 days. The password aging time for a user group equals the global
setting. The password aging time for a local user equals that of the user group to which the local user
belongs.
Views
System view
User group view
Local user view
Predefined user roles
network-admin
mdc-admin
Parameters
aging-time
: Specifies the password aging time in days, in the range of 1 to 365.
Usage guidelines
The aging time depends on the view:
•
The time in system view has global significance and applies to all user groups.
•
The time in user group view applies to all local users in the user group.
•
The time in local user view applies only to the local user.
A password aging time with a smaller application scope has higher priority. The system prefers to
use the password aging time in local user view for a local user.
•
If no password aging time is configured for the local user, the system uses the password aging
time for the user group to which the local user belongs.
•
If no password aging time is configured for the user group, the system uses the global password
aging time.
Examples
# Globally set the passwords to expire after 80 days.
<Sysname> system-view
[Sysname] password-control aging 80
# Set the passwords for user group
test
to expire after 90 days.
[Sysname] user-group test
[Sysname-ugroup-test] password-control aging 90
[Sysname-ugroup-test] quit
# Set the password for device management user
abc
to expire after 100 days.
[Sysname] local-user abc class manage
[Sysname-luser-manage-abc] password-control aging 100
Related commands
display local-user
display password-control
display user-group
password-control aging enable