- New and Changed Information
- Preface
- A Commands
- Advanced Services Modules Commands
- B Commands
- C Commands
- Caching Services Module Commands
- CLI Overview
- D Commands
- Debug Commands
- E Commands
- F Commands
- G Commands
- H Commands
- I Commands
- J Commands
- K Commands
- L Commands
- M Commands
- N Commands
- O Commands
- P Commands
- Q Commands
- R Commands
- S Commands
- Show Commands
- T Commands
- U Commands
- V Commands
- W Commands
- Z Commands
U Commands
The commands in this chapter apply to the Cisco MDS 9000 Family of multilayer directors and fabric switches. All commands are shown here in alphabetical order regardless of command mode. See “About the CLI Command Modes” section to determine the appropriate mode for each command.
undebug all
To disable all debugging, use the undebug all command.
Syntax Description
Defaults
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Examples
The following example shows how to disable all debugging on the switch:
Related Commands
|
|
---|---|
update license
To update an existing license, use the update license command in EXEC mode.
update license { url | bootflash: | slot0: | volatile: } new_license_file old_license_ file
Syntax Description
Command Modes
Command History
|
|
Examples
The following example updates a specific license:
use-profile
To bind a profile to the FCIP interface, use the use-profile option. To disable a configured profile, use the no form of the option.
Syntax Description
Defaults
Command Modes
Interface configuration submode.
Command History
|
|
Usage Guidelines
Examples
The following example shows how to bind a profile to the FCIP interface:
Related Commands
|
|
---|---|
Displays an interface configuration for a specified FCIP interface. |
user-certdn-match
To set the certificate matching, use the user-certdn-match command. To disable this feature, use the no form of the command.
user-certdn-match attribute-name attribute-name search-filter string base-DN string
no user-certdn-match attribute-name attribute-name search-filter string base-DN string
Syntax Description
Defaults
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Examples
Related Commands
|
|
---|---|
userprofile
To set the userprifile, use the userprofile command. To disable this feature, use the no form of the command.
userprofile attribute-name attribute-name search-filter string base-DN string
no userprofile attribute-name attribute-name search-filter string base-DN string
Syntax Description
Defaults
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Examples
Usage Guidelines
Note Mapping of the local role to LDAP user attribute can be configured on MDS/NEXUS switches running 6.2 or greater.
Examples
Related Commands
|
|
---|---|
user-pubkey-match
To set the user-pubkey matching, use the user-pubkey-match command. To disable this feature, use the no form of the command.
user-pubkey-match attribute-name attribute-name search-filter string base-DN string
no user-pubkey-match attribute-name attribute-name search-filter string base-DN string
Syntax Description
Defaults
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Examples
Related Commands
|
|
---|---|
user-switch-bind
To set the user-switch-bind, use the user-switch-bind command. To disable this feature, use the no form of the command.
user-switch-bind attribute-name attribute-name search-filter string base-DN string
no user-switch-bind attribute-name attribute-name search-filter string base-DN string
Syntax Description
Defaults
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Examples
Related Commands
|
|
---|---|
username
To define a user, use the username command in configuration mode. To undo the configuration or revert to factory defaults. Use the no form of a command
username name [ expire date | Keypair {export uri {dsa | rsa} [force] | generate {dsa | rsa} [force] | import bootflash: uri | volatile: uri {dsa | rsa } [force] { iscsi | password [0 | 5 | 7 ] user-password [ expire date ] [role rolename] | priv-lvl privilege-level | role rolename | ssh-cert-dn distinguished-name {dsa | rsa} | sshkey { key-content | file filename }]
no username name [ expire date | Keypair export bootflash: uri | volatile: uri {dsa | rsa } [force] | generate {dsa | rsa } [force] | import bootflash: uri | volatile: uri {dsa | rsa }[force] iscsi | password [0 | 5 | 7 ] user-password [ expire date ] [role rolename] | | priv-lvl privilege-level | role rolename | ssh-cert-dn distinguished-name {dsa | rsa} | sshkey { key-content | file filename }]
Syntax Description
Defaults
Command Modes
Command History
|
|
Added the keypair and Priv-lvl keyword to the syntax description. |
|
Usage Guidelines
To change the SNMP password, a clear text CLI password is required. You must know the SNMPv3 password to change the password using the CLI.
The password specified in the username command is synchronized as the auth and priv passphrases for the SNMP user.
Deleting a user using either command results in the user being deleted for both SNMP and CLI.
User-role mapping changes are synchronized in SNMP and CLI.
The SSH X.509 certificate distinguished name (DN) is the distinguished name in the certificate. You need to extract the distinguished name from the certificate and specify the subject name as the argument to the username command.
The SSHkey is the public key that we use to authorize any remote machine to login to the switch without the need to enter the password. Basically its the passwordless authentication for the user who has that key. These keys are used by the SSH Server of the switch to authenticate a user.
The SSH keys will be used by the SSH client on the switch while doing an SSH/SCP to connect to the remote host from the switch. This keypair can be used to do a passwordless SSH/SCP from the switch to a remote server.
Examples
The following example shows how to configure the privilege level that the user need to assign:
The following example shows how to generate SSH keys:
The following example shows how to delete SSH keys:
The following example shows how to export a keypair to bootflash or to the volatile directory:
The user can configure the same set of SSH keypairs on different switches by copying the public and private keypair to that switch and importing them using the following commands.
The following example shows how to import keypair from bootflash or volatile directory:
The following example shows how to define a user:
The following example configures the name for a user to log in using iSCSI authentication:
The following example places you in the mode for the specified role (techdocs). The prompt indicates that you are now in the role configuration submode. This submode is now specific to the techdocs group.
The following example deletes the role called techdocs:
The following example assigns a description to the new role. The description is limited to one line and can contain spaces:
The following example resets the description for the Tech. Docs. group:
The following example creates or updates the user account (usam) along with a password (abcd) that is set to expire on 2009-05-31:
The following example creates or updates the user account (msam) along with a password (abcd) specified in clear text (indicated by 0):
The following example specifies an encrypted (specified by 5) password (!@*asdsfsdfjh!@df) for the user account (user1):
The following example adds the specified user (usam) to the network-admin role:
The following example deletes the specified user (usam) from the vsan-admin role:
The following example shows how to define a distinguished name on a switch for SSH certificate authentication:
The following example specifies the SSH X.509 certificate distinguished name and DSA algorithm for an existing user account (usam):
The following example specifies the SSH X.509 certificate distinguished name and RSA algorithm for an existing user account:
The following example deletes the SSH X.509 certificate distinguished name for the user account:
The following example identifies the contents of the SSH key for the specified user (usam):
The following example deletes the SSH key content identification for the user (usam):
The following example updates the SNMPv3 password for the specified user (joe). The local CLI password and the SNMP password are updated. If user Joe does not exist, the command fails:
Related Commands
|
|
---|---|
username (iSCSI initiator configuration and iSLB initiator configuration)
To assign a username for iSCSI login authentication, use the username command in iSCSI initiator configuration submode. To assign a username for iSLB login authentication, use the username command in iSLB initiator configuration submode. To disable this feature, use the no form of the command.
Syntax Description
Specifies the username for iSCSI or iSLB login authentication. |
Defaults
Command Modes
iSCSI initiator configuration submode.
iSLB initiator configuration submode.
Command History
|
|
---|---|
Usage Guidelines
Examples
The following example assigns the username for iSCSI login authentication of an iSCSI initiator:
The following example assigns the username tester for iSLB login authentication of an iSLB initiator:
switch (config-iscsi-islb-init)# username ?
<WORD> Enter username <Max Size - 32>
switch (config-iscsi-islb-init)# username tester
The following example removes the username tester for an iSLB initiator:
Related Commands
userprofile
To set the userprifile, use the userprofile command. To disable this feature, use the no form of the command.
userprofile attribute-name attribute-name search-filter string base-DN string
no userprofile attribute-name attribute-name search-filter string base-DN string
Syntax Description
Defaults
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Examples
Usage Guidelines
Examples
|
|
---|---|