How can I create, and manage users on my Director appliance?

<< Back to Knowledge Search



What do the privilege levels of 1, 7  and15 mean?

What are the default accounts on Director?

What are the default passwords for a Director appliance?



The default accounts are sadmin, monitor, and admin, with each account having no password by default. Blue Coat recommends that the default admin account be
used to administer Director. Another account, monitor, exists by default on Director which allows the user to view configuration changes to the system. sadmin intended to allow users to manage content filtering policy. See Chapter 8 of the CMG guide for more information.

You can create other accounts with different privileges and require users to use one of those accounts instead of admin. (If you decide to create user accounts on Director, assign a password on the admin account to prevent users from logging on with full privileges.) The user accounts you create can be as secure as you want them, from no password to restricting users to one of the modes: Standard, Enable, or Configuration. Restricting users to one of the modes is called setting the privilege level.

All user accounts, by default, have all privileges.
If the privilege level is:

  • Privilege level 1 Standard mode only is available, meaning that you can view Director logs and the results of commands but you cannot change them. You cannot log into the JAVA UI in this mode.
  • Privilege level 7 Standard and Enable modes are available, meaning you can do one-time
    tasks, but cannot schedule repeating tasks or configure devices or device
  • Privilege level15 (the default): All three modes are available, including Configuration mode, the most powerful. You can schedule jobs, manage content, and manage users.

NOTE1: You can also make permanent changes to Director configuration. If the privilege level is changed during a session, the new privileges take effect

NOTE2: The username commands create local user accounts on Director only. They do not affect the accounts on remote authentication servers.

NOTE3: Director can user either Radius, or TACACS+ authentication protocols.  However, only Radius allows you to set the above mentioned privilege levels.

NOTE4: Information in this article was taken from page 568 of the Director 5.5 administration manual.


Links to other articles:

For a list of what commands can be executed with an delegated admin user id, bnased on their  priviledge mode, see 000014764

For more details on how to implement the RADIUS protocol with a Cisco ACS server, see 000013365

For more details on how to implement the TACACS+ protocol with a Cisco ACS server, see FAQ2879

For details on the username CLI command, as well as other CLI commands, see 000014637

Additional Information
Bug Number
InQuira Doc IdKB4759

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      Director-510
Software      Director 5.5
Topic      Authentication, Configuration / WUI / CLI, Director Jobs
Article Number      000009822
Was this helpful?
Previous MonthNext Month