No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

OceanStor 9000 V300R006C00 Object Storage Service (Compatible with Amazon S3 APIs) Administrator Guide 07

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Managing Accounts for Logging In to the DeviceManager

Managing Accounts for Logging In to the DeviceManager

This section describes different roles of managing DeviceManager, such as the super administrator, administrator, read-only user, resource administrator, and device administrator.

Context

Roles of accounts for logging in to DeviceManager are categorized as:

  • Super administrator: User admin that exists by default and cannot be deleted. The default password is Admin@storage. This user has full control permissions for the system.
  • Administrator: Has all permissions except user management. User omuser that exists by default. The default password is Omuser@storage.
  • Read-only user: Has only access permission for the system.
  • Resource administrator: Has permissions to perform operations on the alarms pages.
  • Device administrator: Has permissions to perform operations on the system, alarms and settings pages.

After using system accounts to log in to DeviceManager for the first time, users must change their initial passwords for security purposes and are advised to regularly change their passwords.

The number of the users who concurrently log in to DeviceManager as the super administrator is not limited, but the number of the users who concurrently log in to DeviceManager as the administrator, read-only, resource administrator, and device administrator cannot exceed 16; otherwise, the login will fail.

Procedure

  1. Log in to DeviceManager.
  2. Manage accounts for logging in to DeviceManager.
    1. Choose Settings > Permission Settings > User Management.
    2. Perform operations listed in Table 15-1.

      Table 15-1  Managing accounts

      Operation

      Role

      Description

      Add

      Super administrator

      The super administrator can create accounts of different roles to restrict user operations in the OceanStor 9000. The super administrator and administrator omuser are default users, the super administrator cannot be deleted, locked, or forced offline, and the administrator omuser cannot be deleted.

      Remove

      Super administrator

      The super administrator can delete unnecessary accounts.

      Lock

      Super administrator

      The super administrator can lock an abnormal account. A locked account can no longer be used in system login but is valid before being logged out.

      Unlock

      Super administrator

      If an account that has been locked, the super administrator can unlock the account.

      Offline

      Super administrator

      If you do not want a user to perform operations on the OceanStor 9000 or other resources, forcibly log out the user as super administrator through DeviceManager or CLI.

      Modify

      Super administrator

      The super administrator can reset passwords, description and change roles of administrators, read-only users, resource administrators, and device administrators. The super administrator can change its password and the registered email address for retrieving the password.

      NOTICE:

      If the SystemReporter has been deployed, log in to it and change the password that is registered with the OceanStor 9000 each time the password of user omuser is changed.

      After a user logs in to DeviceManager using the new password reset by super administrator, the user needs to change the password.

      Administrators, read-only users, resource administrators, and device administrators

      These roles can change their own passwords only.

      Must change the password upon next login

      Super administrator

      A super administrator can set whether the login passwords of administrators, read-only users, resource administrators, and device administrators need to be modified upon their login next time.

      View properties

      Super administrator

      The super administrator can view information about all users.

      Administrators, read-only users, resource administrators, and device administrators

      These roles can view their own information only.

  3. Configure the password retrieval function for the super administrator (user admin).

    If the password retrieval function is used, make sure that the SMTP server has been provided by the user.

    Make sure that a mailbox for retrieving the password is configured. Otherwise, the admin's password cannot be retrieved once it is lost.

    1. Choose Settings > Permission Settings > SMTP Server.
    2. As prompted, enter an Address, Port, Account, and Password for the SMTP server, and select Encryption Protocol. Then click Save.

      • Encryption Protocol: indicates the encryption protocol that the SMTP server used, including Unencrypted, SSL, and TLS.

        Security risks arise if the encryption protocol is not enabled. You are advised to enable the TLS protocol if the SMTP server supports the SSL and TLS protocol.

      • Enable certificate authentication: This parameter is displayed when SSL or TLS is selected. After this parameter is selected, the OceanStor 9000 will verify the certificate of the SMTP server as a client. You are advised to replace certificates regularly. For details on how to replace a certificate, see the OceanStor 9000 Security Maintenance.

    3. Choose Settings > Permission Settings > User Management.
    4. Select admin and click Modify.
    5. In the dialog box that is displayed, enter the password of the admin, and select Modify Registered Email Address and enter the recipient email address.
    6. Click OK.
Translation
Download
Updated: 2019-04-28

Document ID: EDOC1000122523

Views: 11651

Downloads: 84

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next