You can create, modify, lock, unlock, or delete a cluster or Storage Virtual Machine (SVM) user account, reset a user's password, or display information for all user accounts.
You can manage cluster or
SVM user accounts in the following ways:
- Creating a login method for a user by specifying the user's account name, associated SVM, the access method, and the authentication method
You can optionally specify the access-control role the user is assigned and add a comment about the user account.
The maximum number of cluster user accounts you can create is 100. This limit includes the Active Directory domain user accounts that are added to the cluster. There is no limit to the number of SVM user accounts you can create for an SVM.
- Displaying users' login information, such as the account name, allowed access method, authentication method, access-control role, account comment, and account status
- Displaying information about SNMP users, including the account name, the associated SVM, authentication method, hexadecimal engine ID, authentication protocol, privacy protocol, and security group
- Modifying the access-control role that is associated with a user’s login method
It is best to use a single role for all access and authentication methods of a user account.
- Deleting a user's login method, such as the access method or the authentication method
- Changing the password for a user account
- Locking a user account to prevent the user from accessing the system
- Unlocking a previously locked user account to enable the user to access the system again
You use the security login commands to manage user accounts. You use the security snmpusers command to display information about SNMP users. For more information about these commands, see the appropriate man pages.
Note: The system prevents you from creating or using accounts with names that are reserved for the system (such as "root" and "naroot".) You cannot use a system-reserved name to access the cluster, an SVM, the SP, or the RLM.
