Sun Java System Web Server 7.0 Administrator's Guide

Setting Up Users and Groups

The Administration Server allows editing user accounts, group lists, access privileges, organization units, and other user- and group-specific information for both LDAP and File auth-db types.

ProcedureTo Add a User

  1. Select the configuration.

    Select the configuration from the configuration list. Click Configurations tab to get the list.

  2. Click Access Control > Users tab.

  3. Click New button.

  4. Add User Information.

    Enter the user id and password. Optionally enter the group which the user belongs to. The user ID must be unique. In case of LDAP based authentication DB, the Administration Server ensures that the user ID is unique by searching the entire directory from the search base (base DN) down to see if the user ID is in use. Be aware, however, that if you use the Directory Server ldapmodify command line utility (if available) to create a user, that it does not ensure unique user IDs.


    Note –

    Using CLI

    For creating a user through CLI, execute the following command.


    wadm> create-user --user=admin --password-file=admin.pwd --host=serverhost 
    --port=8989 --config=config1 --authdb=KEYFILE1 --full-name=keyfile-config1-u1 
    keyfile-config1-u1

    See CLI Reference, create-user(1).


ProcedureTo Add a Group

  1. Select the configuration.

    Select the configuration from the configuration list. Click Configurations tab to get the list.

  2. Click Access Control > Groups tab.

  3. Click New button.

  4. Enter Group Name.

  5. From the Add Users To Group section search and add existing users to the group.


    Note –

    Creating a group in authentication database like keyfile or digestfile requires atleast one user to be specified.



    Note –

    Using CLI

    For creating a group through CLI, execute the following command.


    wadm> create-group --user=admin --password-file=admin.pwd --host=serverhost
    --port=8989 --config=config1 --authdb=LDAP1 group1

    See CLI Reference, create-group(1).


ProcedureTo Delete a User

  1. Select the configuration.

    Select the configuration from the configuration list. Click Configurations tab to get the list.

  2. Click Access Control > Users tab.

  3. Select the authentication database from which you need to delete the user.

  4. Enter the User ID in the Search Users text box and click Search button.

  5. Select the user from the UserID column and click Delete button.


    Caution – Caution –

    Deleting users(s) from keyfile/digestfile authentication databases will delete the associated group(s) as well if the group(s) contain no members after deletion of the user(s). This happens because groups without members are not allowed for keyfile/digestfile authentication databases.



    Note –

    Using CLI

    For deleting a user through CLI, execute the following command.


    wadm> delete-user --user=admin --password-file=admin.pwd --host=serverhost 
    --port=8989 --config config1 --authdb KEYFILE1 user1

    See CLI Reference, delete-user(1).


ProcedureTo Delete a Group

  1. Select the configuration.

    Select the configuration from the configuration list. Click Configurations tab to get the list.

  2. Click Access Control > Groups tab.

  3. Select the authentication database from which you need to delete the group.

  4. Enter the User ID in the Search Users text box and click Search button.

  5. Select the user from the UserID column and click Delete button.


    Note –

    Deleting a group does not delete the users belonging to the group. You have to delete the users manually or reassign groups.



    Note –

    Using CLI

    For deleting a group through CLI, execute the following command.


    wadm> delete-group --user=admin --password-file=admin.pwd --host=serverhost
    --port=8989 --config config1 --authdb LDAP1 group1

    See CLI Reference, delete-group(1).