5.2. Managing Virtuozzo Infrastructure Platform Users¶

5.2.1. Managing Roles¶

Virtuozzo Infrastructure Platform comes with two preconfigured roles that you can assign to user accounts:

• Superadministrator that has complete rights in Virtuozzo Infrastructure Platform,
• Viewer that grants read-only access to Virtuozzo Infrastructure Platform.

Before creating user accounts, you need to create user roles and assign rights to them. To do this:

1. Open the SETTINGS > User management > ROLES AND RIGHTS tab, click Add role.

2. In the Add role window, specify a role name and select rights for it from the list:

   • Cluster includes the following rights:
     • Network allows modifying network settings and roles.
     • Updates allows installing updates.
     • SSH allows adding and removing SSH keys for cluster nodes access.
     • Management allows creating the storage cluster, joining nodes to the storage cluster, and managing (assigning and releasing) disks.
   • iSCSI allows creating and managing iSCSI targets and LUNs.
   • NFS allows creating and managing NFS shares and exports.
   • Compute allows creating and managing the compute cluster.
   • S3 allows creating and managing the S3 cluster.
   • ABGW allows creating and managing Acronis Backup Gateway instances.

3. Click Add.

5.2.2. Creating User Accounts¶

To create a user account in the web-based user interface, do the following:

1. Log in to the management panel as superadministrator.
2. Open the SETTINGS > User management screen and click Add user on the USERS tab.
3. In the Add user window, specify the user name, description (if required), password, and choose a role to assign to the account in the corresponding fields.
4. Click Add.

5.2.3. Managing User Accounts¶

Any user can change their account password by clicking the user icon in the top right corner of the management panel and then clicking Change password.

An admin can create/edit/delete other users’ accounts, add/edit/remove roles from them, as well as enable/disable user accounts (i.e. allow/prohibit user login). To manage a user account, do as follows:

1. Log in to the management panel as superadministrator.
2. Open the SETTINGS > User management screen and select a user on the USERS tab.
3. On the right panel, click the pencil icon next to a parameter you need to edit or Delete depending on what you need to do.

5.2.4. Managing LDAP or Active Directory Users¶

You can add users and user groups to Virtuozzo Infrastructure Platform from an external LDAP-compliant database or Microsoft Active Directory. These users will be able to log in using their respective user names and passwords. The set of actions these users will be able to perform in Virtuozzo Infrastructure Platform will be defined by the roles you assign in Storage (listed in Managing Virtuozzo Infrastructure Platform Users).

To add an LDAP (or AD) user or group to Virtuozzo Infrastructure Platform, do the following:

1. On the SETTINGS > Advanced settings screen, open the LDAP/AD tab.

   

2. Select LDAP or Microsoft Active Directory from the Type drop-down list.

3. Specify the following parameters:

   • IP Address of an LDAP server or AD domain controller;
   • (optional) LDAP Port;
   • Bind DN (a distinguished name of an LDAP authentication database user) or Login (AD);
   • Bind Password (LDAP) or Password (AD);
   • Search Base DN, a distinguished name of a search starting point;
   • (optional) Advanced LDAP or AD parameters.

4. Click Save to authenticate in Active Directory or LDAP server.

5. On the SETTINGS > Users screen, click ADD LDAP USER.

6. On the Add LDAP users panel, select users or user groups to add to Virtuozzo Infrastructure Platform and click Add.

   

7. On the Roles panel, select the roles to assign to selected users or user groups.

   Note

   If a role is assigned to a group, every user in it is granted the corresponding rights.

   

8. Click Add to add users to Virtuozzo Infrastructure Platform.