Skip to main content
Hitachi Vantara Knowledge

Working with user accounts

To view, create, and manage HCP user accounts, you use the Users page in the Tenant Management Console. To display this page, in the top-level menu of the Tenant Management Console, select Security Users.

Roles:

  • View the user account list, you need the monitor, administrator, or security role
  • View the full definitions of user accounts, you need the security role
  • View the description, allow namespace management property, and data access permissions for user accounts, you need the monitor or administrator role
  • Create, associate roles with, delete, and otherwise manage user accounts, except modifying the allow namespace management property and data access permissions, you need the security role
  • Modify the allow namespace management property and data access permissions for user accounts, you need the administrator role

About the Users page

The Users page lets you create, modify, and delete user accounts. It also lists the existing user accounts.

Understanding the user account list

The Users page lists existing user accounts. For each account, the list shows:

  • The username
  • Whether the account is enabled or disabled
  • The full name of the account user
  • Whether the user login is authenticated locally or by RADIUS

To view additional information about an individual user account, click the account username.

Managing the user account list

By default, the user account list on the Users page includes all existing user accounts. The accounts are listed 20 at a time in ascending order by username.

You can page through, sort, and filter the list of user accounts. The Users page indicates which accounts are shown out of the total number of accounts in the current list.

Paging

You can change the number of user accounts shown at a time on the Users page. To do this, in the Items per page field, select the number of tenants you want. The options are 10, 20, and 50.

To page forward or backward through the user account list, click the next (GUID-E53D8EEE-3705-4C3C-B18A-BEB5FB24120A-low.png) or back (GUID-18C7E4A4-FD0B-42E4-B8A2-398D820683E9-low.png) control, respectively.

Procedure

  1. In the Page field, type the page number you want.

  2. Press Enter.

Sorting

You can sort the user account list in ascending or descending order by username. To change the sort order, click the Username column heading. Each time you click the column heading, the sort order switches between ascending and descending.

Filtering

You can filter the user account list by username. The filtered list includes only those user accounts with a username that begins with or is the same as a specified text string.

Procedure

  1. In the entry field above the list, type the text string you want to use as a filter.

    This string can be up to 64 characters long and can contain any valid UTF-8 characters, including white space. It is not case sensitive.
  2. Click the find control (GUID-6E913982-4DF5-4877-8C35-9F689D3C126D-low.png).

Next steps

To redisplay the entire list of user accounts after filtering it, click the clear filter control (GUID-2642447B-5A00-4823-9C72-F52C8FB6018E-low.png).

Creating a user account

  1. On the Users page in the Tenant Management Console, click Create User Account.

  2. In the Create User Account panel, in the Username field, type a login name for the user account.

    • User names can be from one through 64 characters long and can contain any valid UTF-8 characters but cannot start with an opening square bracket ([). White space is allowed.
    • User names are not case sensitive.
    • The user name must be unique for the current tenant. Different tenants can have user accounts with the same user name.
    • You can reuse user names that are not currently in use. For example, if you delete a user account, you can create a new account with the same user name.
    TipConsider using email addresses as usernames. This gives you easy access to email addresses should you need to contact users.
  3. In the Full Name field, type the name of the person for whom you are creating the account.

    This name can be from one through 64 characters long and can contain any valid UTF-8 characters, including white space.
  4. (Optional) Clear Enable account to have the user account initially disabled.

    A disabled user account cannot be used to access the Tenant Management Console or HCP Search Console. It can, however, be used for namespace access with the HTTP protocol and Namespace Browser.
  5. For the Authentication option, select either Local or, for remote authentication, RADIUS.

    If you select Local, the panel displays the Password and Confirm Password fields and Force change on next login option. If you select RADIUS, these fields are hidden.

    For local authentication:

    1. In the Password field, type a password for the user account.

      Passwords can be up to 64 characters long, are case sensitive, and can contain any valid UTF-8 characters including white space. To be valid, a password must include at least one character from two of these three groups: alphabetic, numeric, and other.
      NoteHCP does not save passwords in a recoverable format. If a user forgets his or her password, you need to assign a new one.
    2. In the Confirm Password field, retype the password.

    3. (Optional) Select Force change on next login.

      When this option is selected, the next time a user uses the account to log into the Tenant Management Console, the Console automatically displays the Change Password page. The user cannot do anything else in the Console until the password is changed.After the user changes the password, Force change on next login is automatically cleared.
  6. In the Roles section, select any number of roles for the user account, or none.

  7. (Optional) Specify a description for the user account.

    1. Click Description.

    2. In the Description field, type a description of the user account.

      This text can be up to 1,024 characters long and can contain any valid UTF-8 characters, including white space.
  8. (Optional) If you have the administrator role, select Allow namespace management.

    If the account you are creating has the administrator role, this option is selected automatically and cannot be cleared.
  9. (Optional) If you have the administrator role, click Assign Namespace Permissions. Then associate data-access permissions with the user account.

    You cannot associate data-access permissions with a RADIUS authenticated user account.
  10. Click Create User Account.

Modifying a user account and its roles

As a user with the security role, you can change this information about a user account:

  • The username.
  • The full name.
  • The password.
  • The roles associated with the account.
  • Whether the account is enabled. If you disable an account while the user is currently logged in, the user is immediately prevented from taking any further actions.
    NoteYou can disable your own account. Once you disable it, however, you cannot reenable it yourself.
  • Whether to force a password change at the next login.

You cannot change the user ID or type of authentication. The user ID is displayed with other account details when you view an individual account as a user with the security role.

Procedure

  1. In the list of user accounts on the Users page, click the username for the account you want to modify.

  2. In the panel that opens, make the changes you want.

    Note
    • When changing the password for a user account, you can reuse the current password. You cannot do this when changing your own password on the Change Password page.
    • If you leave the Password field empty, the previously set password remains in effect.
  3. Click Update Settings.

    If you are modifying the user account you used to log into the Console and:
    • You changed the roles associated with the user account, a message appears indicating that the page will be reloaded. Click Close in the message window to reload the page.
    • You selected Force change on next login, the Console displays the Change Password page. You need to change your password on this page in order to continue working in the Console.

Deleting a user account

You can delete a user account at any time. If you delete an account while the user is currently logged in, the user is immediately prevented from taking any further action. After you delete the account, the user can no longer log in.

TipFor a RADIUS-authenticated user, if the user account becomes invalid on the RADIUS server while the user is logged in, the user may still be able to take action in the current Console session for as long as ten minutes. To ensure that the user is immediately prevented from taking further action, delete the user in HCP before deleting the remote account.

You cannot recreate a deleted account. However, you can reuse the username from the deleted account to create a new account. The new account will have different user ID from the deleted account.

You cannot delete the account you used to log into the current Tenant Management Console session. Additionally, if no existing AD group has the security role, you cannot delete the last locally authenticated user account with the security role.

Procedure

  1. In the list of user accounts on the Users page, click the delete control (GUID-11785CEF-F744-432A-8841-A3B9C0F08596-low.png) for the account you want to delete.

  2. In response to the confirming message, click Delete.

 

  • Was this article helpful?