This section describes how to add a user to manage the storage system or resources based on the granted permissions.
Context
- Only super administrators can add a user.
- You have configured a domain authentication server before adding an LDAP user or user group.
Procedure
- Choose Settings > User and Security > Users and Roles > User Management.
- Click Add.
The Add User page is displayed.
Based on specific service requirements, super administrators can create different levels of user accounts to grant them only necessary operation permissions, thereby ensuring system stability and data security.
- Set user information.
- Set Type to Local user, and configure the local user information. Table 1 describes related parameters.
Table 1 Local user parameters Parameter
Description
Username
Name of the new user.
The name cannot be modified after the user is created.
NOTE:- The name can contain a maximum of 32 characters. The minimum length varies according to the Username Policy in Security Policies. For details, see Configuring Security Policies.
- The name can contain letters, digits, and underscores (_) and must start with a letter.
- The name must be unique.
Password
Password of the new user.
NOTE:- The maximum and minimum lengths of a password vary according to the Password Policy in Security Policies. For details, see Configuring Security Policies.
- The password must contain special characters and at least two of the following types: uppercase letters, lowercase letters, and digits. Special characters include !"#$%&'()*+,-./:;<=>?@[\]^`{_|}~ and spaces.
- A password cannot be the same as the user name or the reverse of the user name.
- You can modify the password policy in Security Policies.
- Users must properly manage passwords to prevent disclosure.
Confirm Password
Confirms the password. The value of Confirm Password must be the same as that of Password.
Role
Role of the new user. For details about role permissions, see Viewing All User Roles.
NOTE:Once the role of a user is set to Machine-machine account, it cannot be changed. In addition, users of other roles cannot be changed to the Machine-machine account role.
Login Method
Login method of the new user.
NOTE:- For users who are not super administrators, select at least one login method among DeviceManager, CLI, and RESTful.
- A machine-machine account can only select RESTful.
- Set Type to LDAP user or LDAP user group, and configure the LDAP user or LDAP user group information. Table 2 describes related parameters.
Table 2 LDAP user or LDAP user group parameters Parameter
Description
Username
Name of the new LDAP user or LDAP user group.
The name cannot be modified after the user is created.
NOTE:The new LDAP user or LDAP user group must be on the LDAP domain server. Otherwise, the login will fail.
Role
Role of the new user. For details about role permissions, see Viewing All User Roles.
NOTE:Once the role of a user is set to Machine-machine account, it cannot be changed. In addition, users of other roles cannot be changed to the Machine-machine account role.
Login Method
Login method of the new user.
NOTE:For users other than super administrators, select at least one login method among DeviceManager, CLI, and RESTful.
- Set Type to Local user, and configure the local user information. Table 1 describes related parameters.
- Click OK.