Adding Global Shared Credentials
There are five of Shared Credentials:
- Account
- Privilege password
- SNMP V1/V2c
- SNMP v3
- RSA
To import credentials
in bulk, see
Command Line Interface for
more information.
Creating Shared Credential - Account
Class
To Create a shared credential with the class type of Account, follow these steps:
- From the menu bar, selectTools -> System Administration.
- Next, selectGlobal ->Credentials.
TheGlobalShared Credentials window displays with a listing of pre-assigned, shared credentials. At the bottom of the window are the View Associations, Roll, Add, Edit, and Remove buttons, along with the Close option. - ClickAddto display the Add Credential window.You can also Copy the Shared Credential using the Copy button.
- Enter theCredential Name.
- From theCredential Typesection, selectAccounttype from the options shown (using the drop-down arrow to display your selection).Depending on the credential type you select, additional information is displayed in the lower portion of the window. For example, when you select Account as the credential type, additional fields display where you enter information. See Unique Credentials for more information.Credentials provide you the option to generate unique, random passwords of user definable length when using the Generate button.
- Complete the following steps:
- Enter theUser Name.
- Enter aPassword. Confirm the Password.
- Select the check box if this account is managed by an external authentication server.
- ClickOKwhen you have completed these steps.
Creating Shared Credential - Privilege Password Class
With the
Network Shared Credentials
window displayed showing a
listing of pre-assigned, shared credentials: - ClickAddto display the Add Credential window.
- Enter theCredential Name.
- From theCredential Typesection, selectPrivilege Passwordfrom the options shown (using the drop-down arrow). See Unique Credentials for more information.To use Unique passwords per device, creating a Unique Credential eases the deployment of device passwords. A Unique credential is a placeholder that tells the system there are unique individual passwords on each device associated with the credential. Unique credentials have no passwords stored with them, but create a different password for each device associated with them. Unique credentials must be coupled with an update to devices.

- Enter aPassword. Confirm the Password you just entered. You can also click theSecurecheck box, then clickGenerateto have the application generate a system-only-known password. Secure passwords will generate the appropriate enable-secure command when used to update a Cisco IOS device.
- ClickOKwhen you have completed these steps.
Creating Shared Credential - SNMP v1/v2c
With the
Network Shared Credentials
window displayed showing a
listing of pre-assigned, shared credentials: - ClickAddto display the Add Credential window.
- Enter theCredential Name.
- From theCredential Typesection, selectCommunity Stringfrom the options shown (using the drop-down arrow). See Unique Credentials for more information.

- Complete the following steps for theRead-Onlysection:
- Enter the Community String.
- Confirm the Community String entered.
- Complete the following steps for theRead-Writesection:
- Enter the Community String.
- Confirm the Community String entered.
- ClickOKwhen you have completed these steps.
Creating Shared Credential - SNMP v3
With the
Network Shared Credentials
window displayed showing a
listing of pre-assigned, shared credentials: - ClickAddto display the Add Credential window.
- Enter theCredential Name.
- From theCredential Typesection, selectSNMP v3from the options shown (using the drop-down arrow). See Unique Credentials for more information.
When
SNMP v3
is selected as the Credential Type, the information
you need to select and enter is divided between two tabs;
Security
and Context
. - From theSecuritytab, complete the following steps:
- Enter a User Name
- From the drop-down arrow, select Security Level. Depending on the Security Level you select, Authentication Protocol and Privacy Protocol may not be selectable.
- From the drop-down arrow, select a Authentication Protocol (if appropriate).
- From the drop-down arrow, select a Privacy Protocol (if appropriate).You can selectAES192W3DESKEYExtandAES256W3DESKEYExtprotocols, only for the Cisco specific device(s).
- Enter an Authentication Password, then re-enter the password.
- Enter a Privacy Password, then re-enter the password. Note that you can click Generate to have Network Configuration Manager create passwords for you.
- Once your passwords are verified, clickOk.
Mibs refer to Management
Information Bases, and Oids refer to Object Identifiers.
- From theContexttab, compete the following steps:
- Enter the Context Name
- Enter the Context Engine ID
- Enter a User Group Name
- Enter a View Name
- Select a View Access from the drop-down arrow
- Enter the Mibs/Oids you want included
- Enter the Mibs/Oids you want to be excluded from these credentials
- ClickOkto keep your selections
Creating Shared Credential - RSA
With the Network Shared Credentials window displayed showing a listing of pre-assigned,
shared credentials:
- Click Add to display the Add Credential window.
- Enter the Credential Name.
- From the Credential Type section, select RSA from the options shown (using the drop-down arrow). See Unique Credentials for more information.
- Assign RSA tokens using the steps in the Assigning RSA Tokens section below.
- Set the PINs for the RSA tokens using the steps in the Setting RSA Token PINs section below.
- Click OK when you have completed these steps.

Assigning RSA Token
- SelectAssign RSA Tokens. The Assign RSA Tokens window pens.

- The Available RSA Tokens column is a list of all unassigned RSA tokens. Select theRSAtokens to which the user or group will have permissions.A sequence of RSA tokens can be selected by holding down the Shift-key while clicking RSA tokens. Or, multiple, non-sequential RSA tokens can be selected by holding the Ctrl key while clicking the RSA token.
- When you have finished selecting RSA tokens, clickAddorAdd all.
- If you are unassigning RSA tokens, in the Assigned RSA Tokens column, select theRSA tokensto which the user will no longer be associated, then clickRemove All.
- Once you have completed selecting the RSA tokens for the user, clickOK. The Assign RSA Tokens window closes.
- You can now proceed with setting RSA token PINs for the user or group.
Setting RSA Token PINs
- From the list of RSA tokens, select anRSA token. RSA tokens that have not had the PIN set, show as Required under the PIN column.
- At the bottom of the Manage RSA Tokens pane, selectSet PIN. The Set PIN window (for the user you selected) now opens.

- At the Set PIN screen, enter avalid PINin the New PIN field.
- Enter the PIN again in theConfirm PINfield.
- ClickOk.