Applies To:Show Versions
Introduction to User Account Management
Purpose of BIG-IP user accounts
- Verifies the identity of users logging into the system
- Controls user access to system resources
User access components
- Passwordsallow you to authenticate your users when they attempt to log in to the BIG-IP system.
- User rolesandpartitions accessallow you to control user access to BIG-IP system resources.
- Terminal accesscontrols whether or not a user can access any command line interfaces on the system.
Types of user accounts
- The root account
- Every BIG-IP system has an account namedroot. A user who logs in to the system using therootaccount has full access to all BIG-IP system resources, including all administrative partitions and command line interfaces.
- The admin account
- Every BIG-IP system has an account namedadmin. A user who logs in to the system using theadminaccount has the Administrator role, which grants the user full access to all BIG-IP system resources, including all administrative partitions on the system. By default, theadminuser account has access to the BIG-IP Configuration utility only. However, users logged in with this account can grant themselves access to bothtmshand the advanced shell. Although the BIG-IP system creates this account automatically, you must still assign a password to the account before you can use it. To initially set the password for the admin account, you must run the Setup utility. To change its password later, you use the BIG-IP Configuration utility’s Users screens.
- Local accounts
- A BIG-IP user with the correct user role can create other local user accounts for BIG-IP system administration. Each local user account on the BIG-IP system has one or more user roles assigned to the account (one per partition), as well as permissions related totmshand Bash shell access.
- Remote accounts
- If your organization stores user accounts on a remote authentication server (such as an Active Directory server), you can configure the BIG-IP system to control access to BIG-IP configuration objects for all BIG-IP user accounts stored on the remote server. In this case, the remote server authenticates each BIG-IP user at login time, while the BIG-IP system itself grants the specified access control permissions.
Changing the root
and admin account passwords
- On the Main tab, expandSystem, and clickPlatform.
- For theRoot Accountsetting, type a new password in thePasswordbox, and re-type the new password in theConfirmbox.
- For theAdmin Accountsetting, type a new password in thePasswordbox, and re-type the new password in theConfirmbox.
- Click theUpdatebutton.