Skip to main content

We've Moved!

Product Documentation has moved to docs.hitachivantara.com
Hitachi Vantara Knowledge

Working with user accounts

To view, create, and manage user accounts, you use the Users page in the HCP System Management Console.

Note

To view user accounts, you need the monitor, administrator, or security role. To create and manage user accounts, you need the security role.

To display the Users page, in the top-level menu, select Security ► Users.

About the Users page

The Users page lets you create, modify, and delete user accounts. It also lists the existing user accounts.

Understanding the user account list

The Users page lists existing user accounts. For each account, the list shows:

  • The user name
  • Whether the account is enabled or disabled
  • The full name of the account user
  • Whether the user login is authenticated locally or by RADIUS

To view additional information about an individual user account, click the account user name.

Managing the user account list

By default, the user account list on the Users page includes all existing user accounts. The accounts are listed 20 at a time in ascending order by username.

You can page through, sort, and filter the list of user accounts. The Users page indicates which accounts are shown out of the total number of accounts in the current list.

Paging

You can change the number of user accounts shown at a time on the Users page. To do this, in the Items per page field, select the number of tenants you want. The options are 10, 20, and 50.

To page forward or backward through the user account list, click the next (GUID-E53D8EEE-3705-4C3C-B18A-BEB5FB24120A-low.png) or back (GUID-18C7E4A4-FD0B-42E4-B8A2-398D820683E9-low.png) control, respectively.

Procedure

  1. In the Page field, type the page number you want.

  2. Press Enter.

Sorting

You can sort the user account list in ascending or descending order by username. To change the sort order, click the Username column heading. Each time you click the column heading, the sort order switches between ascending and descending.

Filtering

You can filter the user account list by username. The filtered list includes only those user accounts with a username that begins with or is the same as a specified text string.

Procedure

  1. In the entry field above the list, type the text string you want to use as a filter.

    This string can be up to 64 characters long and can contain any valid UTF-8 characters, including white space. It is not case sensitive.
  2. Click the find control (GUID-6E913982-4DF5-4877-8C35-9F689D3C126D-low.png).

Next steps

To redisplay the entire list of user accounts after filtering it, click the clear filter control (GUID-2642447B-5A00-4823-9C72-F52C8FB6018E-low.png).

Creating a user account

Before you begin

To view user accounts, you need the monitor, administrator, or security role. To create and manage user accounts, you need the security role.

Procedure

  1. On the Users page in the System Management Console, click Create User Account.

  2. In the Create User Account panel:

    1. Optionally, deselect Enable account to have the user account initially disabled.

    2. In the Username field, type a unique login name for the user account. Usernames must be from one through 64 characters long and can contain any valid UTF-8 characters but cannot start with an opening square bracket ([). White space is allowed.

      User names are not case sensitive.

      You can reuse user names that are not currently in use. So, for example, if you delete the account for a user, you can create a new account for that user with the same user name as before.

      TipConsider using email addresses as user names. This enables users to more easily remember their HCP user names. It also gives you easy access to email addresses should you need to contact any users.
    3. In the Full Name field, type the name of the person for whom you’re creating the user account. This name must be from one through 64 characters long and can contain any valid UTF-8 characters, including white space

    4. For Authentication, select either Local or, for remote authentication, RADIUS.

      If you select Local, the panel displays the Password and Confirm Password fields and Force change on next login option. If you select RADIUS, these fields are hidden.

      For local authentication:

      • In the Password field, type a password for the user account. Passwords can be up to 64 characters long, can contain any valid UTF-8 characters, including white space, and are case sensitive.

      To be valid, a password must include at least one character from two of these three groups: alphabetic, numeric, and other.

      The minimum length for passwords is system specific. Typically, it’s six or eight characters.

      NoteHCP does not save passwords in a recoverable format. If a user forgets his or her password, you need to assign a new one.
    5. In the Confirm Password field, type the password again.

    6. Optionally, select Force change on next login.

      When this option is selected, the next time a user uses the account to log into the System Management Console or Search Console, as permitted, the Console automatically displays the Change Password page. The user cannot do anything else in the Console until the password is changed.

      After the user changes the password, Force change on next login is automatically deselected.

    7. In the Roles section, select any number of roles for the user account, including none.

    8. Optionally, specify a description for the user account:

      Click Description.

      In the Description field, type a description of the user account. This text can be up to 1,024 characters long and can contain any valid UTF-8 characters, including white space.

  3. Click Create User Account.

Modifying a user account

You can change this information about a user account:

  • The user name
  • The full name
  • The password
  • The roles associated with the account
  • Whether the account is enabled. If you disable an account while the user is currently logged in, the user is immediately prevented from taking any further actions.
    NoteYou can disable your own account. After you disable it, however, you cannot reenable it yourself.
  • Whether to force a password change at the next login

You cannot change the user ID or type of authentication. (The user ID is displayed with other account details when you view an individual account as a user with the security role.)

Before you begin

To view user accounts, you need the monitor, administrator, or security role. To create and manage user accounts, you need the security role.

Procedure

  1. In the list of user accounts on the Users page, click the user name for the account you want to modify.

  2. In the panel that opens, make the changes you want.

    Note

    When changing the password for a user account, you can reuse the current password. You cannot do this when changing your own password on the Change Password page.

    If you leave the Password field empty, the previously set password remains in effect.

  3. Click Update Settings.

    If you are modifying the user account you used to log into the Console and:

    • You changed the roles associated with the user account, a message appears indicating that the page will be reloaded. Click Close in the message window to reload the page.
    • You selected Force change on next login, the Console displays the Change Password page. You need to change your password on this page in order to continue working in the Console.

Deleting a user account

You can delete a user account at any time. If you delete an account while the user is currently logged in, the user is immediately prevented from taking any further action. After you delete the account, the user can no longer log in.

TipFor a RADIUS-authenticated user, if the user account becomes invalid on the RADIUS server while the user is logged in, the user may still be able to take action in the current Console session for as long as ten minutes. To ensure that the user is immediately prevented from taking further action, delete the user in HCP before deleting the remote account.

You cannot recreate a deleted account. However, you can reuse the user name from the deleted account to create a new account. The new account will have different user ID from the deleted account.

You cannot delete the account you used to log into the current System Management Console session. Additionally, if no existing AD group has the security role, you cannot delete the last locally authenticated user account with the security role.

Before you begin

To view user accounts, you need the monitor, administrator, or security role. To create and manage user accounts, you need the security role.

Procedure

  1. In the list of user accounts on the Users page, click the delete control (Trashcan icon ) for the account you want to delete.

  2. In response to the confirming message, click Delete.

Generating a user authorization token

User authorization tokens convert the HCP user account user name and password into a token that can be used by RESTful APIs to authenticate with HCP. A user authorization token is the HCP user account user name encoded in base64 and HCP user account password encoded in an md5 hash. The token does not expire unless the HCP user account user name or password changes.

Before you begin

To view user accounts, you need the monitor, administrator, or security role. To create and manage user accounts, you need the security role.

Procedure

  1. Click Generate Authorization Token.

  2. In the Generate Authorization Token window that opens, type the user name in the Username field.

  3. In the Generate Authorization Token window that opens, type the password in the Password field.

  4. Click Generate Authorization Token.

 

  • Was this article helpful?