Adding Users And Assigning Roles

C H A P T E R 7

This chapter describes host and user accounts, and includes these topics:

Creating Host Accounts

Adding New Users to Hosts

Adding New Users and Assigning Roles

Creating Host Accounts

To use the Sun Storage Common Array Manager, users and roles must be defined on the host and assigned in the array management software. Make sure the following user names are defined on your systems:

root (or an administrative user for Windows)

storage

guest

User names must be a currently defined user on the management host.

Roles assign privileges to users. Two roles (storage and guest) are defined in the array management software.

Storage role

Assigns a user write permission and access to all of the software features related to array configuration and management.

Guest role

Assigns a user read permission but restricts the ability to manage the array.

By default, the array management software automatically assigns roles to:

root users in Solaris and Linux

Administrator users in Windows

storage and guest user names if defined on the host

For all other users, you assign roles to users in the array management software.

TABLE 7-1 describes the user names and user role functions and the requirements for each.

TABLE 7-1 User Names and User Roles
User Role/Group	Description	User Name	Required Password
`storage` (initial administrator)	Use the root or administrative user name to initially add other users. A `storage` user can use all of the software features related to array configuration and management.	Solaris - `root` Linux - `root` Windows - administrator user, including root if so set up	Root or administrator password on the management host
`storage`	A `storage` user can use all of the software features related to array configuration and management.	Currently defined user on the management host	The same password used to log into the host
`guest`	A `guest` user has read-only privileges and can only view information. This user cannot modify any settings or features.	Currently defined user on the management host	The same password used to log into the host

Using Administrative Roles to Initially Log In

The first time that you access the array management software, you sign in as an administrative user defined on the management host:

root in Solaris or Linux.

Administrator user in Windows.

By default, the administrative user has the storage role. The administrative user can add users and assign roles to them.

Adding New Users to Hosts

User names in the array management software must be currently defined users on the host.

To add new users to hosts running Solaris or Linux OS, consult the system administration documentation.

To add new users to hosts running Windows, refer to Adding New Users in Windows.

To share a user name for storage administration, add the following user names to your hosts:

storage

guest

Once these user names are added to the host, by default they are assigned the storage and guest roles.

Adding New Users and Assigning Roles

This section describes how to add new users and assign them the storage or guest role in Sun Storage Common Array Manager. The users must first be defined on the host. For users (other than the administrative user) to access the array management software, roles must be assigned to those users in the software.

You do not have to complete this step for users automatically assigned a role by the array management software:

root user in Solaris and Linux

Administrator users in Windows

storage and guest user names defined on the host

1. To view the list of defined users, choose General Configuration > User Management in the navigation pane.

2. On the User Summary page, click the Add button to add a new user.

The is displayed.

3. On the Add New User page, enter a valid user name defined on this host in the User Name field.

4. From the User Role list, select the storage or guest role you want to assign to this user.

5. Click OK.

The User Summary page is displayed with a success message and the name is added to the list.

Newly added users can log into the Oracle Java Web Console to access the array management software with the same password that they use to log into the system.

Adding New Users in Windows

This section provides the information you need to create users in Windows and assign them to groups for privileges.

Note - These instructions show you an example of how to configure an administrative user in standard Windows XP. Other versions of Windows software may vary slightly. Consult the Windows documentation.

Adding an Administrative User in Windows

1. Click Start and select Administrative Tools > Computer Management.

2. In the Computer Management window, select Local Users and Groups > Users.

3. Right click and select New User.

4. Enter a username in the User name box.

Note - Administrative user names for Windows cannot include a space character.

5. Create a password and confirm it.

6. Uncheck the box labeled User must change password at next login.

7. Check Password never expires.

8. Click Create.

9. From the Computer Management window, select Users, right click on root, and select Properties.

10. In the Properties windows, select the Member Of tab, and click Add.

11. In the Select Groups window, enter Administrators for the object name and click Check Names.

The system displays the computer-name\Administrator group in the box labeled “Enter the object names to select.”

12. Click OK.

The root Properties window shows that root is a member of Users and the Administrators groups. The root user now has Windows Administrator privileges and is automatically assigned the storage role in the array management software.

Adding Non-Administrator Users in Windows

To add non-Administrator users, follow the same steps as Adding an Administrative User in Windows, but define groups called storage and guest and add the user name to one of those groups instead of the Administrator group.

When done, check the Properties window of the user name and Member of tab to verify that the user is assigned to Users and to the storage or guest Group.

Proceed to assign the user name the storage or guest role in the array management software, as described in Adding New Users and Assigning Roles.

User Role Guidelines

To share a user name for storage administration, add the following user names to your systems:

storage

guest

Once these user names are added to the system, by default they are assigned the storage and guest roles.

Administrative user names for Windows cannot have a space character.

To have a common administrative role across all platforms, you can add a user name of root with administrative privileges on the Windows system.

Make rules for multiple users with storage roles.

Multiple instances of the same user name can be logged in concurrently. However, because users with the storage user role have write privileges, there is a risk that the changes of one logged-in user will overwrite previous changes of another logged-in user. Therefore, you should develop policies about who can make changes and how to notify others.