Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Forcepoint Appliances Command Line Interface > Configure accounts
Configure accounts
set account admin
Change the password for the admin account.
set account admin --password
 
Parameter
Description
password
Administrator password.
Command modes
All products.
Usage guidelines
You are prompted to enter the current password, and then prompted to enter and confirm the new password.
The admin password is initially set when you run the firstboot script.
The password must be 8 to 15 characters in length and it must include:
*
At least one uppercase character
*
At least one lowercase character
*
At least one number
*
At least one character in the set:
! # % & ' ( ) * + , - . / ; < = > ? @ [ ] ^ _ { | } ~
Exclude all of the following:
*
The special characters: space $ : ` \ "
*
The previous three passwords for the account
*
The hostname of the device
*
The user name of any appliance service account (admin, root, tech-support, audit)
*
Common appliance- or company-related names
Command history
 
Release
Modification
8.3
This command was modified. Previous command for V Series appliances:
reset password
Related commands
 
Command
Description
show account audit
Determine whether the account audit is enabled or disabled.
set account audit
Enable or disable the audit account; set or change the audit account password.
show account audit
Determine whether the audit account is enabled or disabled.
(view)# show account audit --status
 
Parameter
Description
status
Status of the audit account; enabled or disabled. Default: disabled.
Command modes
All products.
Examples
(view)# show account audit --status
Related commands
 
Command
Description
set account admin
Change the password for the admin account.
set account audit
Enable or disable the audit account; set or change the audit account password.
set account audit
Enable or disable the audit account, and set or change the audit account password.
set account audit --status <enabled|disabled>
set account audit --password
 
Parameter
Description
status
Status of the audit account; enabled or disabled. Default: disabled.
password
Audit account password.
Command modes
All products.
Usage guidelines
The --status and --password parameters cannot be used at the same time.
When enabling the audit account for the first time, set the audit account password.
The password must be 8 to 15 characters in length and it must include:
*
At least one uppercase character
*
At least one lowercase character
*
At least one number
*
At least one character in the set:
! # % & ' ( ) * + , - . / ; < = > ? @ [ ] ^ _ { | } ~
Exclude all of the following:
*
The special characters: space $ : ` \ "
*
The previous three passwords for the account
*
The hostname of the device
*
The user name of any appliance service account (admin, root, tech-support, audit)
*
Common appliance- or company-related names
Related commands
 
Command
Description
set account admin
Change the password for the admin account.
show account audit
Determine whether the audit account is enabled or disabled.
set access ssh
Enable or disable remote CLI access via SSH.
set access ssh --status <enabled|disabled>
 
Parameter
Description
status
Status of SSH access; enabled or disabled.
Command modes
All products. Not supported in Azure.
Usage guidelines
SSH status is enabled or disabled for all active accounts. Valid users include admin, audit, and tech-support. There is no access via SSH for the root user, as this is a reserved internal account.
Command history
 
Release
Modification
8.3
This command was modified. Previous commands for V Series appliances:
ssh enable
ssh disable
Related commands
 
Command
Description
show access ssh
Display whether remote CLI access via SSH is enabled or disabled.
set account tech-support
Enable or disable access for Forcepoint Technical Support.
show access ssh
Display whether remote CLI access via SSH is enabled or disabled.
show access ssh --status
 
Parameter
Description
status
Status of SSH access; enabled or disabled.
Command modes
All products.
Command history
 
Release
Modification
8.3
This command was modified. Previous command for V Series appliances:
show ssh
Related commands
 
Command
Description
set access ssh
Enable or disable remote CLI access via SSH.
set account tech-support
Enable or disable access for Forcepoint Technical Support.
show account email
Display the admin account email address.
show account email
Command modes
All products.
Command history
 
Release
Modification
8.3
This command was modified. Previous command for V Series appliances:
show admin email
Related commands
 
Command
Description
set account email
Define an email address to use for admin account password recovery.
send test_email
Send a test email using the email/SMTP configuration.
delete account email
Delete the password recovery email address.
set account email
Define an email address to use for admin account password recovery.
set account email --address <address>
 
Parameter
Description
address
Admin account email address.
Command modes
All products.
Usage guidelines
A temporary password is sent to this email address when you request automated password recovery help. You must also define an SMTP server.
Forcepoint Technical Support can manually issue a temporary password if you provide the security code found in the appliance iDRAC console.
Command history
 
Release
Modification
8.3
This command was modified. Previous command for V Series appliances:
admin email
Related commands
 
Command
Description
show account email
Display the admin account email address.
send test_email
Send a test email using the email/SMTP configuration.
delete account email
Delete the password recovery email address.
send test_email
Send a test email using the email/SMTP configuration.
send test_email
Command modes
All products.
Related commands
 
Command
Description
set account email
Define an email address to use for admin account password recovery.
show account email
Display the admin account email address.
delete account email
Delete the password recovery email address.
show account smtp
Display the SMTP server settings used with the admin email address to facilitate password recovery.
show account smtp
Command modes
All products.
Usage guidelines
Displays:
*
Server IP address or hostname
*
Server port
*
Server user name
*
Server password
Command history
 
Release
Modification
8.3
This command was modified. Previous commands for V Series appliances:
show smtp server
Related commands
 
Command
Description
set account smtp
Define an SMTP server for use during admin account password recovery.
delete account smtp
Delete SMTP settings.
set account smtp
Define an SMTP server for use during admin account password recovery.
set account smtp --host <location> --port <port> --user <name>
 
Parameter
Description
host
Host location, either the IPv4 address or hostname of the SMTP server.
port
(Optional) Port of the SMTP server. Default is 25.
user
Account to use to connect to the SMTP server.
Command modes
All products.
Usage guidelines
Password recovery requires you to define:
1.
An SMTP server
2.
A valid email address to receive a temporary password
Examples
(config)# set account smtp --host 10.0.0.25 --port 25 --user smtpuser
Command history
 
Release
Modification
8.3
This command was modified. Previous command for V Series appliances:
smtp server
Related commands
 
Command
Description
show account smtp
Display the SMTP server settings used with the admin email address to facilitate password recovery.
delete account smtp
Delete SMTP settings.
delete account email
Delete the password recovery email address.
delete account email
Command modes
All products.
delete account smtp
Delete SMTP settings.
delete account smtp
Command modes
All products.
Related commands
 
Command
Description
set account email
Define an email address to use for admin account password recovery.
send test_email
Send a test email using the email/SMTP configuration.
show account tech-support
Display Forcepoint Technical Support account access or activity history.
show account tech-support --status
show account tech-support --history
 
Parameter
Description
status
Status of Technical Support account access; enabled or disabled.
history
History of Technical Support account access.
Command modes
All products.
Usage guidelines
The --status and --history parameters cannot be used at the same time.
The activity history includes both local and remote access via the tech-support account.
Command history
 
Release
Modification
8.3
This command was modified. Previous command for V Series appliances:
show remote-access
local-access
Related commands
 
Command
Description
set access ssh
Enable or disable remote CLI access via SSH.
set account tech-support
Enable or disable access for Forcepoint Technical Support.
set account tech-support
Enable or disable access for Forcepoint Technical Support.
set account tech-support --status <enabled|disabled>
 
Parameter
Description
status
Status of Technical Support account access; enabled or disabled.
Command modes
All products.
Usage guidelines
A temporary tech-support password is generated when you enable this access. Forcepoint Technical Support retrieves the password from a special URL.
To allow Technical Support remote access, SSH access must also be enabled (see set access ssh):
set access ssh --status enabled
When a technician uses the tech-support account, the session ends automatically after 15 minutes of inactivity.
Command history
 
Release
Modification
8.3
This command was modified. Previous command for V Series appliances:
remote-access enable
remote-access disable
Related commands
 
Command
Description
set access ssh
Enable or disable remote CLI access via SSH.
show account tech-support
Display Forcepoint Technical Support account access or activity history.
show current user
Show the user currently logged on.
show current user
Command modes
All products.
Examples
(config)# show current user
Logged in as jdoe
Related commands
 
Command
Description
show user
Show user information for all logged-on users or for a specific user.
create user
Create a user account.
set user
Update user account settings.
delete user
Delete a user account.
show user
Show user information for all logged-on users or for a specific user.
show user [--name <unique_user_name>]
 
Parameter
Description
name
(Optional) User name for the account to display.
Command modes
All products.
Examples
(view)# show user --name jdoe
Name|Type|Status|Password Set
+---+-----+-------+------------+
jdoe|admin|enabled|yes
Related commands
 
Command
Description
show current user
Show user currently logged on.
create user
Create a user account.
set user
Update user account settings.
delete user
Delete a user account.
create user
Create a user account.
create user --name <unique_user_name> --type <audit|admin> [--status <enabled|disabled>]
 
Parameter
Description
name
User name for the account to display.
type
Account authorization type; audit or admin.
status
(Optional) Initial status of the user; enabled or disabled. Default is disabled.
Command modes
All products.
Usage guidelines
The user name must:
*
Contain only lowercase letters, numbers, and the underscore character (_)
*
Be 30 or fewer characters
*
Begin with the underscore character or a letter
Examples
(config)# create user --name jdoe --status enabled --type audit
Related commands
 
Command
Description
show user
Show user information for all logged-on users or for a specific user.
show current user
Show user currently logged on.
set user
Update user account settings.
delete user
Delete a user account.
set user
Update user account settings.
set user --name <unique_user_name> --type <audit|admin> [--status <enabled|disabled>] [--password]
 
Parameter
Description
name
User name for the account to display.
type
Account authorization type; audit or admin.
status
(Optional) Initial status of the user; enabled or disabled. Default is disabled.
password
(Optional) Account password.
The password parameter activates an interactive menu, allowing you to specify the account password.
Command modes
All products.
Examples
(config)# set user --name jdoe --password --status enabled --type audit
Related commands
 
Command
Description
show user
Show user information for all logged-on users or for a specific user.
create user
Create a user account.
show current user
Show user currently logged on.
delete user
Delete a user account.
delete user
Delete a user account.
delete user [--name <unique_user_name>]
 
Parameter
Description
name
(Optional) User name for the account to display.
Command modes
All products.
Examples
(config)# delete user --name jdoe
Related commands
 
Command
Description
show user
Show user information for all logged-on users or for a specific user.
create user
Create a user account.
set user
Update user account settings.
show current user
Show user currently logged on.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Forcepoint Appliances Command Line Interface > Configure accounts
Copyright 2020 Forcepoint. All rights reserved.