Use the following information to manage DSC - SP2000 user accounts.
ROOT Users
Only the ROOT user can add or delete system users. Any new system users that are created (added) are automatically assigned a read-only access to the system (UNPROFILED). For information about user profiles and privileges, see DSC User Profiles and Privileges.
Note
The Create button on the Unprofiled screen cannot create unprofiled users.
It is recommended that the ROOT user adds all system users with the appropriate user profile and provides these users with initial passwords. For information about password restrictions, see DSC Password Management.
Guidelines for User Names
User names are less than or equal to 31 characters. User names can contain alphanumeric, period, and hyphen characters.
Note
The system logs the actions of the user and records that user's name into the audit log.
User names cannot have
- a period or hyphen as the only character.
- a period or hyphen as the initial character.
- a number as the initial character.
- a period or hyphen as the final character.
- a period following a period or hyphen.
- a hyphen following a hyphen or period.
See the following examples of valid user names that have period or hyphen characters:
- john.doe-smith
- john-smith.doe
- j-smith.doe
- j-s-d
- j.s.d
- j.s-d
Add a User
Start
- From the Main Menu, click Users.
Click Add User. Enter the information as required.
Three options are available for User Type:
- No Shell users are for logging in to the Configuration Management UI (CMU). Users are still able to login through SSH, but access is very limited and commands cannot be executed.
- SFTP users have inbound SFTP access to the system. Users have restricted access to some file systems.
- Shell users can not only access the CMU, but are also able to login through SSH and execute commands.
Click Continue. You are prompted to confirm the changes.
TipTo add an SFTP user, click the checkbox next to SFTP User.
- Click Continue.
Assign a User Profile and Associated Privileges
Start
- From the Main Menu, click Users.
- Click User Profiles.
- Click UNPROFILED.
- Click the user to whom you want to assign a user profile.
- Using the Profile drop-down list, select the required user profile.
- Click Continue.
Delete a User
Start
Tip
You cannot delete a user who is signed onto the system
- From the Main Menu, click Users.
- Click Delete User.
- Using the User Name drop-down list, select the user you want to delete.
- Click Continue.
SSH Access for ROOT User
To enable or disable SSH access for ROOT users:
Start
- From the Main Menu, navigate to Users > User Settings.
- Under Security Settings, click the button to enable or disable SSH access for ROOT user.
ROOT ssh access is set to enabled by default to allow for installation and upgrades to avoid any interruptions. Root access is still available through console and Web UI regardless of the setting.
When ROOT ssh access is set to disabled, ROOT cannot ssh login to the system. If ROOT ssh access is set to disabled, users can login to the system through ssh and then su to root if needed to perform linux operations and/or commands.
Non-ROOT users can view the User Settings page and the options selected, but cannot make any changes.
Password-less Connections Using SSH
To allow for password-less connections:
Start
- From the Main Menu, Navigate to Users > User.
- Go to the appropriate Username row and select the + beside Authorized Key(s)
- Create the user key.
- Click Modify.
Non-ROOT Users
Any system user added by the ROOT user is defined as a non-root user. Non-ROOT users that are assigned a user profile are granted certain privileges on the system.
SFTP Users
An SFTP user is granted inbound SFTP access to the system and possesses the following abilities:
- Restricted access to the /shared directory on the file system.
- Automated outbound SFTP connections to a remote server that allows secure file transfer from the /shared directory.
- Retrieve the following system files:
- statistics files
- backup files
- log files
Overview
Content Tools