Create Initial Account from the CLI

To create the first administrator account via the CLI, do the following:

1. Create the administrator account by entering the following command:
   $ account initialadmin create role=administrator
   where initialadmin is the user name you wish to use for the account (maximum 20 characters with no spaces).
   
   

2. When prompted, enter a temporary password for this account.
   

   

   Note

   Feedback on password quality (relative to the Password Policy) may be provided, followed by a prompt to retype the password.
   An administrator can repeat the same "weak" password at this point, and it will be accepted.
   If he/she enters nothing (or a different password), then a password mismatch warning is displayed.
   He/she then has two more chances to enter another (better) password.
   Note that normal users changing their own password cannot enter a weak password.

   Following is an example of an unsuccessful password creation attempt, showing possible password feedback:

   JS

   $ account initialadmin create role=administrator
   New password:
   BAD PASSWORD: it does not contain enough DIFFERENT characters
   BAD PASSWORD: is too simple
   Retype new password:
   Sorry, passwords do not match.
   New password:
   Retype new password:
   Sorry, passwords do not match.
   New password:
   Retype new password:
   Sorry, passwords do not match.
   passwd: Have exhausted maximum number of retries for service
   passwd: password unchanged
   account: could not create account: no password

3. When prompted, confirm your choice (even if does not meet the requirements of the Password Policy) by retyping it. You will then be prompted to immediately change the new password.
   Following is an example of a successful account/password creation:

   CODE

   $ account initialadmin create role=administrator
   New password:
   Retype new password:
   passwd: password updated successfully
   Account created successfully

   

   Important

   Ignore the message instructing you to reconfigure default settings.

4. To verify that the new account has been successfully created and to continue with hardening operations, you must sign out and sign back in using the new account user name and password. The initial password must then be changed.
   
   Example:
   

   CODE

   $ exit
   Haivision-ace login: initialadmin
   password:
   You are required to change your password immediately (root enforced)
   Changing password for intialadmin.
   Current password: 
   New password: 
   Retype new password:

The possible values for the configurable parameters are: