Configuring, Deleting, and Querying User Information

Setting User Information

The aaaUser object sets the user information for a specified, user. The MO for the user is an MO with a name that has the format user-<*username*>, where username is the name of the user.

CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

username UserA password xcvF!tryu
username UserA expire 2020-12-01e

Note: The property information for this example was added in Release 9.3(3).

Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MO	DN
aaaUserEp	sys/userext
aaaUser	sys/userext/user-{[name]}

aaaUser Properties

The following table contains information about the aaaUser properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property Name	Data Type	Description	Values
allowExpired	aaa:Boolean (scalar:Enum8)	Allow expired user to be configured	SELECTION: 0 - no 1 - yes DEFAULT: no
expiration	aaa:Date (scalar:Date)	Account Expiration Date	DATE FORMAT: %Y-%m-%dT%H:%M:%S.%f%z DEFAULT: never
expires	aaa:Boolean (scalar:Enum8)	A property to enable an expiration date for the locally-authenticated user account.	SELECTION: 0 - no 1 - yes DEFAULT: no
name	pol:ObjName (naming:Name256)	Object name	MAX SIZE: 64
pwd	aaa:Passwd (string:Basic)	The system user password.	MAX SIZE: 126 DEFAULT: !
pwdEncryptType	aaa:KeyEncUserPass (scalar:Enum8)	Password Encryption Type	SELECTION: 0 - clear 5 - Encrypt 255 - unspecified DEFAULT: Encrypt

Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Deleting a User

You can use an POST request to set user password configuration information.

CLI Command

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

no username testname password XTY&14op

Note: The property information for this example was added in Release 9.3(3).

Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MO	DN
aaaUserEp	sys/userext
aaaUser	sys/userext/user-{[name]}

aaaUser Properties

The following table contains information about the aaaUser properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property Name	Data Type	Description	Values
name	pol:ObjName (naming:Name256)	Object name	MAX SIZE: 64
status	mo:ModificationStatus (scalar:Bitmask32)	The upgrade status. This property is for internal use only.	SELECTION: 2 - created 4 - modified 8 - deleted 16 - replaced

Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Querying Password Configuration Information

DME Request

You use an HTTP GET request to retrieve aaaUserEp information. An aaaUserEp object is a user endpoint, which is a local user. A user is assigned a role, which determines the user's privileges, and belongs to a security domain, which determines the user's scope of control

In the switch MO database, the RN for the aaaUserExp object is /sys/userext.

Note: The property information for this example was added in Release 9.3(3).

Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MO	DN
aaaUserEp	sys/userext

aaaUserEp Properties

The following table contains information about the aaaUserEp properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property Name	Data Type	Description	Values
childAction	mo:ModificationChildAction scalar:Bitmask32	Delete or ignore. For internal use only.	SELECTION: 16384u - deleteAll 4096u - ignore 8192u - deleteNonPresent DEFAULT: 0
descr	pol:Descr	Description of the specified attribute
dn	reference:BinRef	A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.
lcOwn	NA	NA	NA
modTs	mo:TStamp (scalar:Date)	The time when this object was last modified.	SELECTION: 0 - never DEFAULT: never
monPolDn	reference:BinRef	The monitoring policy attached to this observable object.
name	pol:ObjName (naming:Name256)	Object name	MAX SIZE: 64
ownerKey	naming:Descr (string:Basic)	The key for enabling clients to own their data for entity correlation.	MAX SIZE: 128
ownerTag	naming:Descr1024 (string:Basic)	A tag for enabling clients to add their own data. For example, to indicate who created this object.	MAX SIZE: 64
pwdMaxLength	scalar:Uint16	Password max length	RANGE: [0, 65535] DEFAULT: 127
pwdMinLength	scalar:Uint16	Password min length	RANGE: [0, 65535] DEFAULT: 8
pwdSecureMode	aaa:Boolean (scalar:Enum8)	Password secure-mode	SELECTION: 0 - no 1 - yes DEFAULT: yes
pwdStrengthCheck	aaa:Boolean (scalar:Enum8)	The password strength check, which specifies if the system enforces the strength of the user password.	SELECTION: 0 - no 1 - yes DEFAULT: yes
status	mo:ModificationStatus (scalar:Bitmask32)	The upgrade status. This property is for internal use only.	SELECTION: 2 - created 4 - modified 8 - deleted 16 - replaced
uid	scalar:Uint16	A unique identifier for this object.

Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Configuring User Information

Note: This example was added in Release 9.3(1).

CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

username SampleString_123

Verifying a DME Configuration

The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MO	DN
aaaUser	sys/userext/user-[SampleString_123]
aaaUserEp	sys/userext

aaaUser Properties

The following table contains information about the aaaUser properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property Name	Data Type	Description	Values
allowExpired	aaa:Boolean (scalar:Enum8)	Allow expired user to be configured	SELECTION: 0 - no 1 - yes DEFAULT: no
expiration	aaa:Date (scalar:Date)	Account Expiration Date	DATE FORMAT: %Y-%m-%dT%H:%M:%S.%f%z DEFAULT: never
name	pol:ObjName (naming:Name256)	Object name	MAX SIZE: 64

Related Documentation

Note: The property information for this example was added in Release 9.3(3).

Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MO	DN
aaaUserEp	sys/userext
aaaUser	sys/userext/user-{[name]}

aaaUser Properties

The following table contains information about the aaaUser properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property Name	Data Type	Description	Values
allowExpired	aaa:Boolean (scalar:Enum8)	Allow expired user to be configured	SELECTION: 0 - no 1 - yes DEFAULT: no
expiration	aaa:Date (scalar:Date)	Account Expiration Date	DATE FORMAT: %Y-%m-%dT%H:%M:%S.%f%z DEFAULT: never
name	pol:ObjName (naming:Name256)	Object name	MAX SIZE: 64

Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Deleting User Information

Note: This example was added in Release 9.3(1).

CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

no username SampleString_123

Verifying a DME Configuration

The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MO	DN
aaaUser	sys/userext/user-[SampleString_123]
aaaUserEp	sys/userext

aaaUser Properties

The following table contains information about the aaaUser properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property Name	Data Type	Description	Values
name	pol:ObjName (naming:Name256)	Object name	MAX SIZE: 64
status	mo:ModificationStatus (scalar:Bitmask32)	The upgrade status. This property is for internal use only.	SELECTION: 2 - created 4 - modified 8 - deleted 16 - replaced

Related Documentation

Note: The property information for this example was added in Release 9.3(3).

Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MO	DN
aaaUserEp	sys/userext
aaaUser	sys/userext/user-{[name]}

aaaUser Properties

The following table contains information about the aaaUser properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property Name	Data Type	Description	Values
name	pol:ObjName (naming:Name256)	Object name	MAX SIZE: 64
status	mo:ModificationStatus (scalar:Bitmask32)	The upgrade status. This property is for internal use only.	SELECTION: 2 - created 4 - modified 8 - deleted 16 - replaced

Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Configuring Maximum Simultaneous Logins

Note: This example was added in Release 9.3(1).

CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

user max-logins 5

Verifying a DME Configuration

The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MO	DN
aaaUserEp	sys/userext

aaaUserEp Properties

The following table contains information about the aaaUserEp properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property Name	Data Type	Description	Values
maxLogins	scalar:Uint32	Maximum Simultaneous Logins	RANGE: [0 , 7] DEFAULT: 0

Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

For detailed information about classes and attributes in the payload, see the NX-API DME Model Reference: https://developer.cisco.com/media/dme/index.html

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Deleting the Maximum Simultaneous Logins

Note: This example was added in Release 9.3(1).

CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

no user max-logins

Verifying a DME Configuration

The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MO	DN
aaaUserEp	sys/userext

aaaUserEp Properties

The following table contains information about the aaaUserEp properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property Name	Data Type	Description	Values
maxLogins	scalar:Uint32	Maximum Simultaneous Logins	RANGE: [0 , 7] DEFAULT: 0

Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

For detailed information about classes and attributes in the payload, see the NX-API DME Model Reference: https://developer.cisco.com/media/dme/index.html

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html