Default System Accounts

Avi Vantage inherently comes with several user accounts created.  These accounts serve specific purposes, and unlike custom user accounts, they may not be disabled or removed.

admin

  • This account exists on both the Avi Controller and Avi SEs
  • It is the default administrator user-name for the system and cannot be changed
  • Default shell is Linux bash
    • From Linux use “shell” command to access the Avi CLI shell
    • admin is the only account whose Avi password is automatically synchronized with Linux
  • Is a super-user in the Controller
  • User is in sudoers list
  • Default password is “admin” and UI system-setup workflow requires a new password
    • Password is synchronized to the SEs
  • Account has super-user status, with full access to all tenants
  • This account is always authenticated via local user-db.  It does not use any configured remote authentication

cli

  • Used to launch the CLI shell by logging into the Controller.  User will SSH to a Controller IP address, use cli as at the Linux username prompt, then be presented with the Avi CLI shell access username and password prompt, which requires their custom credentials
  • Password-less from the Linux perspective with the CLI shell as the default shell that prompts for a username/password
  • CLI shell is launched in a container with no persistent storage

aviseuser

  • This account exists on Controller and SE
  • Internal user for SE-to-Controller communication via SSH tunnel
  • No password. Uses unique key-pair per SE
  • User is not in sudoers list on the Controller
  • User is in sudoers list on the SEs

avictlruser

  • This account exists on Controller only
  • Internal user for Controller-to-Controller communication via SSH
  • No password. Uses unique key-pair per Controller
  • User is in sudoers list

 

Updated: 2017-09-22 01:37:55 +0000