just verified that it is possible to create a user from NSO webUI.

1. log on to web UI as admin
2. click on menu button at the top left corner of the web UI (the white circle with 3 black horizontal lines)
3. from "Modules", uncollaps "tailf-aaa" and click "aaa"
4. in the now open "authentication" tab under "User management" click on "users"
5. click + sign
6. enter username (use same username as on the device for convenience)
7. in the now opening "user" tab set imaginary (or in your case better: meaningful!) values for uid(I used 12345), gid (I used 1234), ssh_keydir(I used /), homedir (I used /home/testuser) and enter e.g. ABCDEF! as password.
8. Log off from webUI and try logging on as your newly created user with the "!-password", should work.

From NSO CLI you can now add this user to the appropriate authgroup e.g. devices authgroups group iosdevs umap [yournewlycreatedusergoeshere] same-pass remote-secondary-password myenablepassword.

The above assumes you have an authgroup for e.g. the IOS devices (group iosdevs).

remote-secondary-password myenablepassword only needs to be set if you have that active/configured on the device.

Details regarding users/usergroups can be found in the NSO admin guide I think.

When you now logon to the device from NSO the password with the ! should be  passed on correctly I believe. But as mentioned in my initial post: Best to leave out "weird characters", especially ?. Stick with alphanumeric (in upper and lowercase) and gain slightly more entropy by using a few characters more in the password (that will roughly make up for not using chars such as ! or ?).

Btw...have you tried setting the password incl. ! for the user from NSO CLI. I think it might work!? ! should not be a "functional" key in the NSO cli.

Following up on Ron's thread.   The IOS devices have an enable password and it also contains an "!".   The password is the standard and used on all managed devices in the environment (isolated POC/demo lab).   I ran into this previously and discovered the escape character but a new install of NSO wiped out the cdb and I don't recall what it was.

Yes, I'm using the NSO CLI for this.

sorry...have to pass on the actual escape character used...can only offer the workaround already provided above.

Once you have it sorted though you could implement yourself a service to change the password on all devices in your lab in one go (and you could even restrict people from ever using "weird" characters when using the NSO service)...that is (some of) the beauty of NSO.

Can you try to set the password using double-quote?

-----

devices authgroups group adminx

default-map remote-name   admin

default-map remote-password “ABCDEF!”

-----

Using cisco-ios NED and CSR1kv, I see the same and solved with this.

I think it depends on what NED to use though.

Yes, both "...! " and ...\! work.  Thanks!

Hi Guys,

I need to change an admin account password on NSO, does anybody knows how to do that !

after entering configure.. there are three options

admin@ncs> configure ?
Possible completions:
exclusive no-confirm private

which one should i select?

How can i create an account on NCS and Linux hosting ncs? i want to replicate an existing account