224 Chapter5·SecurityandAccessConfiguration Frequently Asked Questions Q: Do users automatically gain access to every component of Nokia Network Voyager? A: No. Access is role-based, meaning the features available in the navigation tree depend on the role or roles assigned to their user account. Q: Can users reuse their passwords? A: Yes, but how often is up to you. You use the password history feature to check for password reuse and force users to create unique passwords every time they change their password. The number you specify in the history length is the number of previous passwords that the feature checks against. Q: Can I force users to change their password? A: Yes.You can force users to change their passwords at regular intervals and immediately after the password has been reset by an administrator. Q: How can I define user groups? A: You can define and configure groups with IPSO similarly to UNIX-based systems. Q: Why would I want to use a group? A: You would create a group to specify UNIX file permissions, use the Wheel group to control which users have root access to the system, and control who can log in through SSH Q: I have added a new user, but the user can't do anything in the system. Why? A: When you add a new user to Nokia Network Voyager, the user is given read-only privileges to the Nokia Network Voyager home page and the CLI prompt. The user however cannot access other Nokia Network Voyager pages or execute commands from the CLI prompt. For the user to gain more access, you must assign roles. Q: Can I delete and modify the default service modules? A: No. You cannot delete them, but you can modify any of these service modules by modifying the service profiles it uses, or by modifying the authentication, account management, or session profiles that are also used by a service profile.