Setup User Account
Overview
This function adds, edits, and deletes the user account.
Up to 60 user accounts can be set.
The current user's (your) account cannot be changed or deleted.
When using the SSH Client Key authentication, create a pair of the SSH client public key and the SSH client secret key in advance, using the creation tool. One public key can be registered per user account. When this function is executed, the public key is registered in the storage system.
- The following types (formats) of public keys can be used:
IETF style DSA for SSH v2
IETF style RSA for SSH v2
To improve the security level of the password, specify a user policy (password policy and lockout policy). Refer to the [Modify User Policy] function for details. Use this function to set whether to enable or disable a user policy for each user account.
When a user account is deleted, the SSH client public key registered in the storage system is also deleted.
- When a user account is initialized, the following settings are initialized. Refer to the [Initialize User Account] function for details.
The password for the default account is restored to the default password.
The user policy for the default account is disabled.
To change the current user's (your) password, use the [Change User Password] function.
To change the current user's (your) SSH public key, use the [Set SSH Public Key] function.
User Privileges
Availability of Executions in the Default Role
Default role | Availability of executions |
---|---|
Monitor | |
Admin | |
StorageAdmin | |
AccountAdmin | |
SecurityAdmin | |
Maintainer |
Refer to "User Roles and Policies" for details on the policies and roles.
Display Contents
Registered User Account List
Item | Description |
---|---|
User ID |
The user ID is displayed. |
Role |
The user's role is displayed. Monitor Admin StorageAdmin AccountAdmin SecurityAdmin Maintainer Software Custom role |
Account |
Whether the user account is enabled or disabled is displayed. Disabled user accounts cannot be used. |
Password Policy |
Whether the password policy is enabled or disabled is displayed. |
Lockout Policy |
Whether the lockout policy is enabled or disabled is displayed. |
SSH Public Key |
Whether the SSH client public key used for login authentication from CLI is registered or not registered is displayed. |
Last Password Setting Date |
The date and time (YYYY-MM-DD hh:mm:ss) when the password was last changed is displayed. For user accounts with any of the following conditions, a "-" (hyphen) is displayed.
|
Days To Password Change |
The period in which the password becomes changeable from the current time is displayed with the "number of days", "Less than 24 hours", or "Changeable". This item displays the current state determined according to the "Minimum Password Age" (which can be configured in the "Password Policy" field of the [Modify User Policy] function) from "Last Password Setting Date". For example, if "Last Password Setting Date" is "2019-01-10 12:00:00" and the "Minimum Password Age" setting is "10", the following values are displayed.
If a "-" (hyphen) is displayed for "Last Password Setting Date", a "-" (hyphen) is also displayed for this item. |
Days To Expiration |
The available period of the password from the current time is displayed with the "number of days", "Less than 24 hours", or "Expired". This item displays the current state determined according to the "Maximum Password Age" (which can be configured in the "Password Policy" field of the [Modify User Policy] function) from "Last Password Setting Date". For example, if "Last Password Setting Date" is "2019-01-10 12:00:00" and the "Maximum Password Age" setting is "30", the following values are displayed.
If a "-" (hyphen) is displayed for "Last Password Setting Date", a "-" (hyphen) is also displayed for this item. |
Settings
Add New User Account
In this screen, add a user account.
Item | Description | Setting values |
---|---|---|
User ID |
Input a user ID. An existing user ID cannot be used. Entered letters are case-sensitive. Note
|
Up to 32 alphanumeric characters and symbols ('!', '-', '_', '.') |
New Password |
Input a password. Entered letters are case-sensitive. If "Enable" is selected for "Password Policy", the following input conditions are added according to the configuration with the [Modify User Policy] function.
Caution
Note
|
If "Disable" is selected for "Password Policy"
If "Enable" is selected for "Password Policy"
|
Confirm New Password |
Input the same character string as the value entered in the "New Password" field for confirmation. |
Same character string as the "New Password" field |
Role |
Select the user role that is to be assigned to the user ID. The default and custom roles registered in the storage system are displayed as the options. Caution
|
Monitor Admin StorageAdmin AccountAdmin SecurityAdmin Maintainer Software Custom role |
Account |
Select whether to "Enable" or "Disable" the user account. If the user account is disabled, that user account is registered but cannot be used. |
Enable (Default) Disable |
SSH Public Key |
Register the SSH client public key used for login authentication from CLI in the storage system. Click the [Browse...] button and specify the public key to be registered. When using the SSH client key authentication, register the SSH public key in the storage system and prepare the SSH secret key, corresponding to the public key in the client PC in advance. |
SSH Public Key Blank (Default) |
Password Policy |
Select whether to "Enable" or "Disable" the password policy. If "Enable" is selected, the following input conditions are added according to the "Password Policy" setting that is specified with the [Modify User Policy] function.
Caution
Note
|
Enable Disable (Default) |
Lockout Policy |
Select whether to "Enable" or "Disable" the lockout policy. If "Enable" is selected, the following items are applied to a user account according to the "Lockout Policy" setting that is specified with the [Modify User Policy] function.
Caution
Note
|
Enable Disable (Default) |
Edit User Account
In this screen, modify the registered settings of a user account.
- Any user account information other than the following parameters can be changed.
User ID
The "Password Policy" and "Lockout Policy" that are applied to a user account set with the "Software" role
Changed user accounts become available at the next login.
Item | Description |
---|---|
Checkbox |
Select the checkbox for the user account that is to be modified. |
Edit User Account
Item | Description | Setting values |
---|---|---|
User ID |
The user ID is displayed. |
|
Change Password |
Only when changing the password, select the "Change Password" checkbox. When the "Change Password" checkbox is selected, enter a new password in "New Password" and "Confirm New Password". |
Selected: Change password Cleared |
New Password |
Input a new password. Entered letters are case-sensitive. If "Enable" is selected for "Password Policy", the following input conditions are added according to the configuration with the [Modify User Policy] function.
Caution
Note
|
If "Disable" is selected for "Password Policy"
If "Enable" is selected for "Password Policy"
|
Confirm New Password |
Input the same character string as the value entered in the "New Password" field for confirmation. |
Same character string as the new password |
Role |
Select the user role that is to be assigned to the user ID. The default and custom roles registered in the storage system are displayed as the options. Caution
|
Monitor Admin StorageAdmin AccountAdmin SecurityAdmin Maintainer Software Custom role |
Account |
Select whether to "Enable" or "Disable" the user account. If the user account is disabled, that user account is registered but cannot be used. |
Enable Disable |
SSH Public Key |
Register the SSH client public key used for login authentication from CLI in the storage system. Click the [Browse...] button and specify the public key to be registered. When using the SSH client key authentication, register the SSH public key in the storage system and prepare the SSH secret key, corresponding to the public key in the client PC in advance. |
SSH Public Key |
Password Policy |
Select whether to "Enable" or "Disable" the password policy. If "Enable" is selected, the following input conditions are added according to the "Password Policy" setting that is specified with the [Modify User Policy] function.
Caution
Note
|
Enable Disable |
Lockout Policy |
Select whether to "Enable" or "Disable" the lockout policy. If "Enable" is selected, the following items are applied to a user account according to the "Lockout Policy" setting that is specified with the [Modify User Policy] function.
Caution
Note
|
Enable Disable |
Delete User Account
In this screen, delete a user account.
The last user account with administrator privileges (role of "Admin") assigned cannot be deleted.
Deleted user accounts will be unavailable from the next login.
Item | Description |
---|---|
Checkbox |
Select the checkbox for the user account that is to be deleted. |
Operating Procedures
Add User Account
Click [Setup User Account] in [Action].
Click the [Add] button.
Specify the parameters, and click the [Apply] button.
→ A confirmation screen appears.
Caution- An error screen appears in the following conditions:
Each parameter fails to satisfy the input conditions
The user ID is already registered
"User ID", "New Password" and/or "Confirm New Password" is not entered
"New Password" does not match "Confirm New Password"
- An error screen appears in the following conditions:
Click the [OK] button.
→ Addition of the user account starts.
Click the [Done] button to return to the [Define Role] screen.
Edit User Account
Click [Setup User Account] in [Action].
Select the user account that is to be modified and click the [Edit] button.
Change the parameters, and click the [Apply] button.
→ A confirmation screen appears.
NoteTo change the password, select the "Change Password" checkbox.
To delete an SSH public key, select the "Delete" checkbox and click the [Apply] button.
The "Delete" checkbox appears only if the SSH public key has already been registered.
Caution- An error screen appears in the following conditions:
Each parameter fails to satisfy the input conditions
The "Change Password" checkbox is selected and "New Password" and/or "Confirm New Password" is not entered
The "Change Password" checkbox is selected and "New Password" does not match "Confirm New Password"
Click the [OK] button.
→ The user account setup starts.
Click the [Done] button to return to the [Define Role] screen.
Delete User Account
Click [Setup User Account] in [Action].
Select the deletion target user accounts (multiple selections can be made), and click the [Delete] button.
→ A confirmation screen appears.
Click the [OK] button.
→ The user account deletion starts.
Click the [Done] button to return to the [Define Role] screen.