[c-nsp] n5k caches usernames logged in

Jared Mauch jared at puck.nether.net
Tue Sep 21 10:20:54 EDT 2010


I despise hidden configuration items like those reported here. Either it's a local user in the config or not. Looks like a bug or architecture flaw. 

Jared Mauch

On Sep 21, 2010, at 9:24 AM, Tassos Chatzithomaoglou <achatz at forthnet.gr> wrote:

> 
> 
> Lincoln Dale wrote on 20/09/2010 05:20:
>> On 19/09/2010, at 10:12 PM, Tassos Chatzithomaoglou wrote:
>> 
>>   
>>> I noticed that when a remote user logs into a n5k and then logs out, the "show user-account" command still displays the user credentials.
>>> Waiting for some time or clearing manually the user from config mode (?), fixes the above.
>>> Is there a timer for such cached entries that can be changed? Is it possible to disable this caching?
>>>     
>> i'm not sure why you feel this to be an issue?  if the user is provided from AAA then the AAA server will still be consulted for the authentication/authorization/roles etc.
>>   
> Maybe it's not an issue.
> The output of "show user-account" gets cluttered with all the users that have logged into the n5k in the past.
> Since this isn't documented anywhere, i found it strange.
> Also having to clear the username from config mode, while "sh run" doesn't include the username, is even more strange.
> 
> n5k(config)# username test role network-admin
> user:test account is already created through remote authentication.
> Please first delete that account using "no" option.
> 
> 
> --
> Tassos
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list