Table of ContentsView in Frames

Creating users and assigning them to groups

You can create or modify a user and assign that user to one or more predefined or customized groups, giving that user the roles and capabilities associated with those groups.

About this task

When you use the useradmin user modify command to modify the groups an existing user is assigned to, whatever groups the user was previously assigned to are replaced with the group or groups you supply in the command.

User names are case insensitive. This means that you cannot create a user named "fred" if you already have a user named "Fred".

You can have a maximum of 96 administrative users on a storage system.

Steps

  1. Enter the following command:
    useradmin user {add|modify} user_name [-c comments] [-n full_name] [-p password] -g group1[,group2,group3,..] [-m password_min_age] [-M password_max_age]

    • You use useradmin user add to create a new user, and useradmin user modify to modify the attributes of an existing user.
    • user_name is the user whose name you want to assign to a customized or predefined group.

      The user name is case insensitive and can be up to 32 characters long.

      If user_name contains a space, enclose user_name in quotation marks (" ").

    • comments specifies a maximum 128-character comment that can be viewed through the useradmin user list command.

      Comments cannot contain a colon character (:).

    • full_name specifies the full name for the user.
    • password is the password required of the specified administrative user (used only for RSH access).

      If the security.passwd.rules.enable option is set to on, the password must conform to the rules specified by the security.passwd.rules.* options.

    • group is a predefined or customized group with roles assigned through the useradmin group command.

      To assign a user to the Compliance Administrators group, ensure that the telnet.distinct.enable option is set to on.

    • password_min_age specifies the minimum number of days that users must have a password before they can change it.

      The default value is 0. If you specify a value larger than 4,294,967,295, the value is set to 4,294,967,295.

    • password_max_age specifies the maximum number of days users can have a password before they are required to change it.

      The default value is 4,294,967,295. If you specify a value larger than 4,294,967,295, the value is set to 4,294,967,295. The password expires at midnight in the GMT time zone, on the expiration date.

  2. To verify the success of your operation, enter the following command:
    useradmin user list user_name

    The specified user is listed along with the groups, roles, and capabilities that the user has inherited.

Example of creating a user

The following command uses the predefined Administrators group and role definitions to create the user mollymulberry and grant her rights to invoke every type of administrative capability (login, CLI, API, and security).
useradmin user add molly -n "Molly Mulberry" -c "Filer administrator 
in Corp IT" -g Administrators