Create local users

Users gain access to a storage system or component either directly through a role assignment or indirectly through membership in a user group that has a role assignment.

Prerequisites

To perform this operation, you must be the Initial Setup User (set during installation), or SecurityAdmin on at least one storage system.

About this task

See Roles and associated permissions for an overview of the Role-Based Access Control (RBAC) functionality.

This procedure explains how to create local users. Local users have accounts that are stored locally in the user database in the Unisphere server host (Log in to Unisphere with your Username and Password.).

Steps

  1. Select Settings icon to open the Settings panel.
  2. Select Users and Groups > Local Users.
  3. Click Create to open the Create Local User dialog box.
  4. Type a User Name.

    User names are case-sensitive and allow alphanumeric characters of either case, an underscore, a dash, a period, or a $:

    • a-z
    • A-Z
    • 0-9
    • _
    • .
    • -
    • $
  5. Optional: Type a Description.

    The text within the description supports the following characters:

    • a-z
    • A-Z
    • 0-9
    • _
    • -
    • .
    • !
    • @
    • Number
    • $
    • %
    • &
    • *
    • (
    • )
    • .
    • ^
  6. Type and confirm a user Password. Click the eye icon when typing in the password and you can see what you are entering.
    Passwords cannot exceed 16 characters. There are no restrictions on special characters when using passwords.
  7. On the Roles tab, select the object and up to four roles.
  8. If you choose a Local Replication, Remote Replication or Device Management role, click Select Storage Group(s) and in the edit dialog that opens choose between:
    1. Wildcard—A wildcard syntax used with the storage group component name to allow a single rule to apply to multiple storage groups.

      A simple wildcard syntax can be used with the component name to allow a single rule to apply to multiple SGs as follows:

      abc - Exactly these characters

      ? Any one character

      * Any zero or more characters

      + Zero or more additional occurrences of the previous match

      [a-z0-9] Any of these characters

      [!a-z] Anything but one of these characters

      All SG name comparisons are case-insensitive. The following table contains examples to show how they are interpreted:

      Table 1. Wildcard syntax examples
      This pattern Matches these Storage Groups Does not match these Storage Groups
      tg_* tg_DB_SG1 or tg_newSG or TG_sg_db tgNewSG
      prod_sg? prod_sg1 or prod_sga or Prod_sg2 prod_sg12 or prod_sgab
      prod_sg[0-9]+ prod_sg1 or prod_sg12 prod_sga or prod_sgab

      The only allowed characters are: a-zA-Z0-9_- along with the above *+?[]! wildcard characters.

      The only roles that can be assigned against storage groups are: Local Replication, Remote Replication, and Device Management.

      Storage groups do not have to exist at the time that a matching Role-Based Authentication Controls (RBAC) rule for them is defined.

      These storage group-level RBAC rules are only applicable to parent and stand-alone SGs and not child SGs. Child SGs are protected by the RBAC rules, if any, on their parent SG.

    2. Storage Group
    3. Once your input or selection is complete, click Save.
  9. Click OK.