One Identity Management Console for Unix 2.5.2 - Administration Guide

Managing local users

The profiling operation imports system information about the local users so you can remotely manage them through the management console.

The console's All Local Users tab provides a consolidated view of all users on all hosts. In addition, a host's properties contain a Users view, from which you can manage the local users.

The topics in this section step you through the local user management tasks you can perform from the Users and All Local Users tabs. For a detailed description of these tasks, please refer to the online help.

Adding a local user

You can use the management console to remotely add a local user to a host.

Note: This topic instructs you to set up a local user by the name of "localuser" referred to by other examples in this guide.

To add a local user account

  1. From the All Hosts view, double-click a host name to open its properties.

    You can also right-click the host name and choose Users.

  2. Select the Users tab and click Add User.

  3. In the Add New user dialog,

    1. Enter localuser as a new local user name in the Name box.

    2. Click the Select Group browse button next to the GID box to select the primary group of the user.

      The Select Local Group dialog opens.

    3. Find and select a local group account and click OK.

      By default, the Select Local Group dialog displays all groups discovered on the host. You can filter the groups by entering text in the filter area or use the navigation buttons at the bottom of the list to find and select a group.

      Note: See Adding a local group for details about adding local groups.

    4. Click the Select Shell browse button to select the login shell of the user.

      The Select local login shell dialog opens.

    5. Find and select a local login shell and click OK.

      By default, the Select local login shell dialog displays all login shells discovered on the host. You can filter the login shells by entering text in the filter area.

    6. Enter and re-enter a password of your choice, click Add User to add this new local user, and then click OK.

  4. On the Log on to Host dialog, enter your credentials to log onto the host and click OK.

    Note: This task requires elevated credentials. The management console enters this information by default from the cache.

    The new local user account is added to the system and management console.

At this point the new local user is valid for local authentication with the password you just set.
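To confirm on the host what the procedure above created, the new record can be checked against the host's account files. The following is an added example, not part of the One Identity guide or product: it parses constructed passwd, group and shells data (the function names and the sample accounts other than "localuser" are assumptions) and reports a shared UID, a primary GID with no group entry, or a login shell that is not in the shells list.

```python
# Added example: all data below is constructed, in passwd(5)/group(5)/shells(5) format.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
localuser:x:1001:100:Local test user:/home/localuser:/bin/bash
dupuser:x:1001:100::/home/dupuser:/bin/zsh
orphan:x:1002:4242::/home/orphan:/bin/sh
"""
SAMPLE_GROUP = "root:x:0:\nusers:x:100:localuser\n"
SAMPLE_SHELLS = "# login shells\n/bin/sh\n/bin/bash\n"

FIELDS = ("name", "passwd", "uid", "gid", "gecos", "home", "shell")


def parse_passwd(text):
    """Return one dict per passwd line; reject lines without exactly 7 fields."""
    users = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) != len(FIELDS):
            raise ValueError(f"malformed passwd line: {line!r}")
        rec = dict(zip(FIELDS, parts))
        rec["uid"], rec["gid"] = int(rec["uid"]), int(rec["gid"])
        users.append(rec)
    return users


def audit_user(name, passwd_text, group_text, shells_text):
    """Return a list of findings for `name`; an empty list means no issue found."""
    users = parse_passwd(passwd_text)
    gids = {int(g.split(":")[2]) for g in group_text.splitlines() if g.count(":") == 3}
    shells = {s.strip() for s in shells_text.splitlines()
              if s.strip() and not s.startswith("#")}
    matches = [u for u in users if u["name"] == name]
    if not matches:
        return ["account not found"]
    user, findings = matches[0], []
    shared = sorted(u["name"] for u in users
                    if u["uid"] == user["uid"] and u["name"] != name)
    if shared:
        findings.append(f"UID {user['uid']} shared with: {', '.join(shared)}")
    if user["gid"] not in gids:
        findings.append(f"primary GID {user['gid']} has no group entry")
    if user["shell"] not in shells:
        findings.append(f"login shell {user['shell']!r} not in shells list")
    return findings


if __name__ == "__main__":
    for account in ("localuser", "dupuser", "orphan"):
        print(account, audit_user(account, SAMPLE_PASSWD, SAMPLE_GROUP, SAMPLE_SHELLS))
```

On a real host, pass the contents of the host's own passwd, group and shells files instead of the constructed samples.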

Searching for users

Use the Search for users control to locate particular users on a host's Users tab or the All Local Users tab.

To search for users

  1. From the All Hosts view, double-click a host name to open its properties and select the Users tab.
  2. Place your cursor in the Search for users box and enter one or more characters. As you enter characters into the text box, the management console redisplays only the users whose Name, UID, GID, GECOS, Login Shell, or AD User matches (contains) the criteria entered.
  3. To clear the text box and redisplay the original list, select to the right of the Search for users box.
  4. To further filter the list by type of user, open the user type drop-down menu and choose one of the following:
    • All users
    • All non-system users
    • System user
    • Users requiring AD logon (requires Authentication Services 4.x)
    • Users not requiring AD logon (requires Authentication Services 4.x)

Modifying user properties

Modify a local Unix user's properties from either the Users view of a host's properties or the All Local Users tab.

To modify a user's properties

  1. Right-click the user name and choose Properties.

    You can also double-click the user name to open its properties.

  2. On the General tab, modify the user information.
  3. On the Member Of tab, add or remove local groups.
  4. On the AD Logon tab, specify if this user is required to use an Active Directory password to log on to the host. This allows you to "map" a local user to an Active Directory account.

    Note: This feature is only available when you are logged in as an Active Directory user for a host that is joined to Active Directory.

  5. Click OK to save the changes.
  6. On the Log on to Host dialog, enter the user credentials and click OK.

    Note: This task requires elevated credentials.
