To manage Cisco AsyncOS system accounts, you need to specify a valid local administrative account and password. See Specifying a local administrative account for more information. The account used must be an account in the Cisco AsyncOS Administrator role.
To create a Cisco AsyncOS account in the Administrator role using the CLI or GUI, see the following:
Note: Since user accounts in the the Cisco AsyncOS Help Desk User role and the Custom user role are restricted from connecting to Cisco AsyncOS systems through SSH, those users, if added to Privileged Access Service, cannot use the Privileged Access Service login functions to connect to a Cisco AsyncOS system.
For any account you add, you can choose whether or not you want the Privileged Access Service to manage the account password. If you select Manage this credential, the Privileged Access Service automatically resets the password immediately after the account and system are added and each time the account is checked in.
You should also keep in mind that only the Privileged Access Service will know the managed password being generated and stored. You should not select this option if you don’t want the Privileged Access Service to manage the password for the account.
For more information about password and system management for Cisco AsyncOS systems, see the following topics: