Skip to main content
Hitachi Vantara Knowledge

Resetting HCP tenant security

HCP ensures that each HCP tenant always have at least one:

  • Locally authenticated HCP user account with the security role
  • Group account with the security role

For a given tenant, it is highly improbable that all locally authenticated users with the security role will forget their passwords at the same time. However, should this happen, if the tenant does not have a group account with the security role, the tenant would have no administrators who could manage user and group accounts.

To resolve this issue, you can use the System Management Console to restore access to the tenant for locally authenticated users with the security role. You can do this in one of two ways:

  • Reset the passwords for all locally authenticated user accounts with the security role. When you do this, you specify a single password for all affected accounts.
  • Grant the security role to a new or existing group account. A new group account will have only the security role and no data access permissions. An existing group account will have the security role plus whatever roles and data access permissions it currently has.

    You can grant the security role to a group account only if the tenant is configured to support AD authentication, HCP is configured to support AD, and HCP is to communicate with AD.

NoteTo reset security for an HCP tenant, you need the administrator role.

Resetting security for an HCP tenant

Before you begin

To reset security for an HCP tenant, you need the administrator role.

Procedure

  1. In the top-level menu of the System Management Console, click Tenants.

  2. In the list of tenants, click the name of the tenant for which you want to reset security.

  3. In the row of tabs below the tenant name, click Settings.

  4. In the Settings panel, click Reset Security.

  5. In the Reset Security window, select Local to reset the passwords of all locally authenticated HCP user accounts with the security role, or select Active Directory to grant the security role to a new or existing group account.

    If you selected Local:

    • In the Password field, type a new password for the locally authenticated user accounts with the security role. Passwords can be up to 64 characters long, are case sensitive, and can contain any valid UTF-8 characters, including white space. The minimum length for a password is the tenant-specific minimum password length.

      To be valid, a password must include at least one character from two of these three groups: alphabetic, numeric, and other.

    • In the Confirm Password field, type the password again.

    If you selected Active Directory:

    • In the Group field, enter the name of the AD group account that corresponds to the new HCP group account that you want to create or the existing HCP group to which you want to grant the security role.
  6. Click Reset Security.

 

  • Was this article helpful?