2.3.3.2 Modify User Privileges
To change a user's privileges, use the ESCLI chuser
command with the --privilege
option and
specify:
- The unique user ID for the user that is being modified. You can use
the
lsuser
command to find the ID for each user. - The list of privileges to apply to the user.
For example:
@> chuser theuserID --privilege vlt_read|egs
The --privilege
option specifies a list of one or more
privileges of the form privilege-1|privilege-2|...
.
A privilege is one of the following:
no_privilege
, cellsrv
, egs
,
ers
, syseds
, usreds
,
bsm
, bsw
, ms
,
vlt_manage
, vlt_use
,
vlt_read
, vlt_inspect
, cl_admin
,
cl_operator
, cl_monitor
,
on_behalf_of
, user_create
,
system_restore
. For descriptions, see User Privileges.
no_privilege
cannot be combined with any
other type of privileges, otherwise an error is returned.
Vault top-level privileges (vlt_manage
,
vlt_use
, vlt_read
, and
vlt_inspect
) are mutually exclusive. If any two or more are
combined, an error is returned.
Cluster privileges (cl_admin
,
cl_operator
, and cl_monitor
) are mutually
exclusive. If any two or more are combined, an error is returned.
Parent topic: Modify a User