Articles in this section

Managing Local Users

Sara Levy
  • Updated
Follow

VAST Cluster features a local authorization provider. The local provider enables you to add users and manage them manually via VMS rather than adding them to an external provider. This feature is useful for:

  • Adding users when you do not have an external provider configured. (This is an option for NFS and S3 access.)

  • Adding users who are not defined on external providers who specifically need S3 access. (Users who are defined on external providers can be assigned S3 permissions without being added to the local provider.)

  • Adding POSIX attributes for a user who is defined on Active Directory but only has SMB attributes there and is not defined in an additional configured external provider. In this case, use the same user name as is used on Active Directory so that the user database will associate these attributes to the same user.

  • Adding users to manually override incorrect or outdated attributes on external providers.

In case of any conflict between user attributes on any external authorization provider and the local provider, the local provider attributes override the non local provider. For more details, see Understanding User Management and Authorization

Local users are created with a UID and user name that you supply manually. A unique SID is generated by the cluster for each local user. You can specify the user's leading group and other groups by name, using names of manually added groups.

Note

Local provider user entries are not included in S3 backup.

Creating a Local User via the VAST Web UI

  1. From the left navigation menu, select User Management and then Users.

  2. Click Create User and complete the following fields:

    Field

    Description

    Name (required)

    The user name.

    UID (required)

    The user's POSIX UID.

    Leading Group

    The name of the user's leading (aka primary) group, which is the group assigned by default as the owning group of any files created by the user.

    Select the group from the dropdown. If the group was not yet added to the local provider, add the group first.

    Groups

    Names of other groups that the user belongs to beside the primary group. Also known as auxiliary groups.

    Select groups from the dropdown. If a group was not yet added to the local provider, add the group first.

    Allow create bucket

    Enable this setting to give the user permission to create S3 buckets.

    Disabled by default.

    See Managing User S3 Permissions.

    Allow delete bucket

    Enable this setting to give the user permission to delete S3 buckets.

    Disabled by default.

    See Managing User S3 Permissions.

    S3 Superuser

    Enable this setting to give the user permission to override ACLs.

    Disabled by default.

  3. Click Create.

    The user is created. The dialog switches to the Update User dialog, and the Create new key button now appears. This is to enable you to grant the user S3 access.

  4. Click Update.

    The new local user is displayed in the Users page.

 

Modifying a User (VAST Web UI)

  1. Click Actions_Button.png to open the Actions menu for the user.

  2. Select Edit.

    The Update User dialog appears.

  3. Make the changes you need and click Update.

    The user is updated with the changes.

 

Removing a User (VAST Web UI)

  1. Click Actions_Button.png to open the Actions menu for the user.

  2. Select Remove.

  3. Click Yes to confirm the removal.

    The user is deleted from the local provider.

 

Querying a Local User (VAST Web UI)

See Querying Users.

 

Managing Local Users via VAST CLI

To manage local users via the CLI, use the following commands.

To do this task...

Use this command...

Add a user.

user add

Modify a user.

user modify

Query local users.

user query

Display all local users.

user list

Display details of a specific local user.

user show
 
 

Related articles

Comments

0 comments

Article is closed for comments.