Scribd Logo
Upload

Welcome to Scribd!

  • 3 views

    Default user accounts

    Uploaded by

    Mohsen Arab

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Default user accounts

    Uploaded by

    Mohsen Arab
    3 views3 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    3 views3 pages

    Default user accounts

    Uploaded by

    Mohsen Arab

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 3

    Default user accounts http://localhost:5423/informationbrowser/topic/m226035898_html/htm/d...

    Single RAN, Rel. SRAN 18A, Operating Documentation, Issue 03 (HTML) > Single RAN System > SRAN Security > Configuring Security in
    SRAN

    The description of the default user accounts.

    After a new installation, the SBTS provides the following default user accounts (with default
    usernames/passwords):

    SBTS
    BTS System Administrator (Nemuadmin/ nemuuser)
    BTS Security Administrator (BTSSecurity/NA)
    BTS Application Administrator (BTSApplication/NA)
    BTS Read-Only User (BTSRead/NA)
    Nokia SBTS Service accounts (serviceuser, toor4nsn)

    Nokia SBTS Service accounts (serviceuser, toor4nsn, SSH Public Key Authentication)

    BTSMED
    Nokia BTSMED User account (Nemuadmin/NA)
    Nokia BTSMED Service account (toor4nsn/ xxx…xxx)
    Nokia BTSMED Service account (toor4nsn/SSH Public Key Authentication)

    Using the default user account's username/password facilitates an unauthorized access to the
    network element.

    Security details for the Dual-Core configuration


    In SRAN, Dual Core refers to the FSMF plus FSMF or full AirScale module configurations. The
    default user accounts are the same as in the Single Core configuration. The most important
    security properties are:

    The security credentials are synchronized between the primary core module and the
    secondary core module.
    The secondary core is unreachable from the exterior of the Single OAM architecture (except
    through the Local Management Ports).
    The Lightweight Directory Access Protocol (LDAP) authentication is not possible for the login

    1 of 3 2/5/2024, 12:45 PM
    Default user accounts http://localhost:5423/informationbrowser/topic/m226035898_html/htm/d...

    attempt performed on the secondary core, when both cores are disconnected, or SRIO (the
    interface between primary and secondary core) link does not work.
    The secondary core supports only local user accounts when the cores are disconnected or
    SRIO link does not work.
    One service account (toor4nsn) in the primary and the secondary core modules used by R&D.

    Password changing guidelines


    To increase network security, change the default user account's username and password for all
    users and service accounts with WebEM or NetAct (with the NEAC tool, for example).

    It is recommended to use the Centralized Network Element User Management (CNUM)


    functionality on NetAct to create a separate remote user account for each member of the O&M
    personnel. It is also recommended to update the password regularly for all BTSs with the NetAct
    NEAC tool (for example, every three months).

    Note:

    The strength of the account password is crucial for security. Using the default user account
    password facilitates unauthorized access to the network element. In order to improve the
    password's strength, several rules must be followed.

    It is strongly recommended to change the default password for the local user account and the
    service account. The strength of the account password is crucial for security. The password must
    meet the following requirements:

    It must have 8-128 characters in the case of a local user account and 8-30 characters in the
    case of a service account.
    The same two characters cannot be used consecutively.
    There must be at least two digits.
    There must be at least one lowercase and one uppercase letter.
    There must be at least one non-alphanumeric character.
    The password cannot be the same as the previous passwords (the number of passwords to
    check is configurable by the operator).

    For more details, see Single RAN Operating Documentation > Features > SRAN Features >
    SRAN Features From Previous Releases > SRAN 16.2, Feature Descriptions > Descriptions of

    2 of 3 2/5/2024, 12:45 PM
    Default user accounts http://localhost:5423/informationbrowser/topic/m226035898_html/htm/d...

    operability features > SR000900: SBTS Operator Account Management document.

    More on this topic


    Local user account management
    Description of a local user account and its possibilities to increase security.
    Service account management
    Description of the service account and its possibilities to increase security

    Id: DN09249545 © 2019 Nokia. Nokia


    Issue: 04A confidential.

    3 of 3 2/5/2024, 12:45 PM

    You might also like