Reference Manual
- About This Guide
- 1 Available Documentation
- 2 Feedback
- 3 Documentation Conventions
- 4 Special Uyuni Documentation Conventions
- 5 Overview and Navigation
- 6 Navigation
- 7 Systems
- 8 Autoinstallation
- 9 Salt
- 10 Images
- 11 Patches
- 12 Software
- 13 Audit
- 14 System Security via OpenSCAP
- 15 Configuration
- 16 Schedule
- 17 Users
- 18 Admin
- 19 Help
17 Users
Only Uyuni administrators can see › .
With Users you can grant and edit permissions for those who administer your system groups.
Click a user name in the › › › to modify the user.
To add new users to your organization, click the Create User link on the top right corner of the page.
On the Create User page, fill in the required values for the new user.
Once all fields are completed, click the button.
Uyuni now sends an e-mail to the specified address and takes you back to the › › › page.
If you want to set permissions and options for the new user, click the name in the list.
The User Details page for this user provides several tabs of options.
Refer to Section 17.1.4, “User Details” for detailed descriptions of each tab.
17.1 User List #
The User List provides three views:
Active user list
Deactivated user list
List all users
17.1.1 › › › #
The active user list shows all active users on your Uyuni and displays basic information about each user: user name, real name, roles, and date of their last sign in.
The active user list shows all active users on your Uyuni and displays basic information about each user: user name, real name, roles, and date of their last sign in.
Each row in the User List represents a user within your organization.
There are four columns of information for each user:
Username— The login name of the user. Clicking a user name displays theUser Detailspage for the user. Refer to Section 17.1.4, “User Details” for more information.Real Name— The full name of the user (last name, first name).Roles— List of the user’s privileges, such as organization administrator, channel administrator and normal user. Users can have multiple roles.Last Sign In— Shows when the user last logged in to Uyuni.
17.1.2 › › › #
The deactivated user list shows all deactivated users. You may also reactivate any user listed here.
Click the check box to the left of their name and click the button then the button.
Reactivated users retain the permissions and system group associations they had when they were deactivated.
Clicking a user name shows the User Details page.
17.1.3 › › › #
The All page lists all users that belong to your organization.
The page lists all users that belong to your organization.
In addition to the fields listed in the previous two screens, the table of users includes a Status field.
This field indicates whether the user is Active or Deactivated.
Click a user name to see the User Details page.
17.1.4 User Details #
Clicking a user name on a › › listing displays the User Details page.
Here Uyuni administrators manage the permissions and activity of all the users. Here you can also delete or deactivate users.
Users can be deactivated directly in the Uyuni Web interface. Uyuni administrators can deactivate or delete users of their organization. Users can deactivate their own accounts.
Note: Users with Uyuni Administrator Role
Users with the Uyuni administrator role cannot be deactivated until that role is removed from their account.
Deactivated users cannot log in to the Uyuni Web UI or schedule any actions. Actions scheduled by a user prior to their deactivation remain in the action queue. Deactivated users can be reactivated by Uyuni administrators.
Warning: Irreversible Deletion
User deletion is irreversible; exercise it with caution. Consider deactivating the user first to assess the effect deletion will have on your infrastructure.
To deactivate a user:
Click a user name to navigate to the
User Detailstab.Verify that the user is not a Uyuni administrator. If they are, uncheck the box to the left of that role and click the button.
Click the
Deactivate Userlink in the upper right corner of the dialog.Click the button to confirm.
To delete a user:
Click a user name to navigate to the
User Detailstab.Verify that the user is not a Uyuni administrator. Uncheck the box to remove the role if necessary.
Click the
Delete Userlink in the upper right corner of the dialog.Click the button to permanently delete the user.
For instructions to deactivate your own account, refer to Section 6.7.4, “Account Deactivation”.
17.1.4.1 › #
The Details tab, displays the user name, first name, last name, e-mail address, roles of a user, and other details about the user.
The tab, displays the user name, first name, last name, e-mail address, roles of a user, and other details about the user.
Edit this information as needed and then confirm with . When changing a user’s password, you will only see asterisks as you type.
To delegate responsibilities within your organization, Uyuni provides several roles with varying degrees of access. This list describes the permissions of each role and the differences between them:
[guimenu]``User (normal user) — Also known as a System Group User, this is the standard role associated with any newly created user. This person may be granted access to manage system groups and software channels, if the Uyuni administrator sets the roles accordingly. The systems must be in system groups for which the user has permissions to manage them. However, all globally subscribable channels may be used by anyone.
SUSE Manager Administrator— This role allows a user to perform any function available in Uyuni.
As the master account for your organization, the person holding this role can alter the privileges of all other accounts of this organization, and conduct any of the tasks available to the other roles.
Like with other roles, multiple Uyuni administrators may exist. Go to › › and click the check box in the SUSE Manager Admin row. For more information, see
Section 18.3, “ › › ”.
+
A SUSE Manager Administrator can create foreign organizations; but a SUSE Manager Administrator can only create users for an organization if he is entitled with organization administrator privileges for this organization.
* Organization Administrator — This role provides a user with all the permissions other administrators have, namely the activation key, configuration, channel, and system group administrator. A Organization Administrator is not entitled to perform actions that belong to the › features
(see Chapter 18, Admin).
* Activation Key Administrator — This role is designed to manage your collection of activation keys. A user assigned to this role can modify and delete any key within your organization.
* Image Administrator — This role is designed to manage Image building. Modifiable content includes Image Profiles, Image Builds and Image Stores. A user assigned with this role can modify and delete all content located under the › . These changes will be applied across the organization.
* Configuration Administrator — This role enables a user to manage the configuration of systems within the organization, using either the Uyuni Web UI or tool from the rhncfg-management package.
* Channel Administrator — This role provides a user with full access to all software channels within your organization. This requires the Uyuni synchronization tool (mgr-sync from the susemanager-tools package). The channel administrator may change the base channels of systems, make channels globally subscribable, and create entirely new channels.
* System Group Administrator — This role limits authority to systems or system groups to which access is granted. The System Group Administrator can create new system groups, delete any assigned systems from groups, add systems to groups, and manage user access to groups.
Being a Uyuni administrator enables you to remove administrator rights from other users. It is possible to remove your own privileges as long as you are not the only Uyuni administrator.
To assign a new role to a user, check the respective box. Uyuni administrators are automatically granted administration access to all other roles, signified by grayed-out check boxes. Click to submit your changes.
17.1.4.2 › #
This tab displays a list of system groups the user may administer; for more information about system groups, see Section 7.4, “Systems > System Groups”.
Uyuni administrators can set this user’s access permissions to each system group. Check or uncheck the box to the left of the system group and click the button to save the changes.
Uyuni administrators may select one or more default system groups for a user. When the user registers a system, it gets assigned to the selected group or groups. This allows the user to access the newly-registered system immediately. System groups to which this user has access are preceded by an (*).
17.1.4.3 › #
This tab lists all systems a user can access according to the system groups assigned to the user.
To carry out tasks on some of these systems, select the set of systems by checking the boxes to the left and click the button.
Use the System Set Manager page to execute actions on those systems.
Clicking the name of a system takes you to its System Details page.
Refer to
Section 7.3, “System Details”.
17.1.4.4 › #
This tab lists all channels available to your organization.
Grant explicit channel subscription permission to a user for each of the channels listed by checking the box to the left of the channel, then click the button. Permissions granted by a Uyuni administrator or channel administrator have no check box but a check icon like globally subscribable channels.
17.1.4.4.1 › › #
Identifies channels to which the user may subscribe systems.
To change these, select or deselect the appropriate check boxes and click the button. Note that channels subscribable because of the user’s administrator status or the channel’s global settings cannot be altered. They are identified with a check icon.
17.1.4.4.2 › › #
Identifies channels the user may manage. To change these, select or deselect the appropriate check boxes and click the button. The permission to manage channels does not enable the user to create new channels. Note that channels automatically manageable through the user’s admin status cannot be altered. These channels are identified with a check icon. Remember, Uyuni administrators and channel administrators can subscribe to or manage any channel.
17.1.4.5 › #
Configure the following preference settings for a user.
Email Notifications: Determine whether this user should receive e-mail every time a patch alert is applicable to one or more systems in his or her Uyuni account, and daily summaries of system events.SUSE Manager List Page Size: Maximum number of items that appear in a list on a single page. If the list contains more items than can be displayed on one page, click the button to see the next page. This preference applies to the user’s view of system lists, patch lists, package lists, and so on.Overview Start Page: Configure which information to be displayed on the “Overview” page at login.Time Zone: Select the time zone from the drop-down box. Dates and times, like system check-in times, will be displayed according to the selected time zone.CSV Files: Select whether to use the default comma or a semicolon as separator in downloadable CSV files.
Change these options to fit your needs, then click the button.
17.1.4.6 › #
This tab lists mailing addresses associated with the user’s account.
If there is no address specified yet, click and fill out the form. When finished, click . To modify this information, click the button, change the relevant information, and click the button.
17.2 System Group Configuration #
System Groups help when diferrent users shall administer different groups of systems within one organization.
17.2.1 › › › #
Enable Create a user default System Group and confirm with .
Assign such a group to systems via the › › subtab. For more information, see Section 7.3.5.2, “ › › ”.
17.2.2 › › › #
Allows to create an external group with the Create External Group link.
Users can join such groups via the System Groups of the user details page, then check the wanted Group, and confirm with .
For more information, see Section 17.1.4.2, “ › ”.