You can set up new N1 System Manager users at any time. When you install the Sun N1 System Manager software, the management server's superuser (root) account has all three system default roles automatically added to it. The Admin role is the account's default role. See Table 2–3 for details.
The following table provides a quick reference to all the tasks and associated commands used to manage users.
Table 2–1 Managing Users Quick Reference
Task |
Command Syntax |
---|---|
# useradd -s n1sh user # n1sh create user user role role |
|
# n1sh delete user user # userdel |
|
set user user defaultrole defaultrole |
|
show user user |
|
add user user role role |
|
remove user user role role |
|
show user user |
For more information about these commands, see Sun N1 System Manager 1.3 Command Line Reference Manual.
The N1 System Manager allows LDAP authentication using the Pluggable Authentication Module (PAM) subsystem. You can also use the LDAP PAM module on the management server if the management server is running either the Solaris OS or Linux.
You must be superuser (root) to add a new user account to the management server's operating system. The rest of the task must be performed by a user with the SecurityAdmin role, such as the superuser account used in this task.
When you create a new user for the N1 System Manager, you can also configure the user's login shell to be either a UNIX® shell or the n1sh shell. If the user's login is configured with the n1sh shell, the user automatically logs into the n1sh shell (N1–ok> prompt) when logging in to the management server.
Log in to the management server as superuser from a remote system.
$ ssh -l root management-server |
See To Access the N1 System Manager Command Line for details.
Add a new user account to the management server using the useradd command.
Provide the following configuration details:
Use the useradd -s option to configure the user's shell to automatically log into the n1sh shell. For example: useradd -s /opt/sun/n1gc/bin/n1sh
Use the passwd command to set the user's password.
Add /opt/sun/n1gc/bin to the user's path in order to access the n1sh command.
See the management server's useradd man page for more information.
Add the user to the N1 System Manager with one or more roles.
# n1sh -r SecurityAdmin create user user role role[,role...] |
The -r option enables you to run the n1sh command with the SecurityAdmin role, which is required for this step. See create user in Sun N1 System Manager 1.3 Command Line Reference Manual for details. You can also use the add user command to later add more roles.
You must be superuser (root) to delete an existing user account from the management server's operating system. The rest of the task must be performed by a user with the SecurityAdmin role, such as the superuser account used in this task.
Log in to the management server as superuser from a remote system.
$ ssh -l root management-server |
See To Access the N1 System Manager Command Line for details.
Delete the user from the N1 System Manager.
# n1sh -r SecurityAdmin delete user user |
The -r option enables you to run the n1sh command with the SecurityAdmin role, which is required for this step. See delete user in Sun N1 System Manager 1.3 Command Line Reference Manual.
(Optional) Delete the user account from the management server by using the management server's userdel command.