How to create a user on a VPLEX system

To create a user on a VPLEX system:

  1. Log in to the admin account of the VPLEX CLI.
  2. Type the user add username command.
    User names can be up to 32 characters and contain numbers, letters, special characters, and no spaces. For example:
    VPlexcli:/> user add TestUserYou are prompted for the administrator password.
  3. Enter the administrator password at the prompt.
    A prompt for the new password for the user name being added is displayed:
    Enter password for TestUser:
  4. Enter the password for the new username. Passwords must be at least eight characters and can contain numbers, letters, and special characters. Spaces and dictionary words are not allowed.
  5. Re-enter the password at the second prompt:
    Confirm password for TestUser:
  6. Repeat the procedure from the user add command for each new user.
  7. Verify the new accounts by using the user list command.

First login to a new user account

In order to login to the CLI, newly created user accounts must change their password on the management server. The new password must be at least 14  characters long.

Example of a first login after an account is created:

login as: TestUser
using keyboard-interactive authentication.
Password: old-password
Using keyboard-interactive authentication.
Password change requested. Choose a new password.
Old Password: old-password
Using keyboard-interactive authentication.
New Password: my-new-password
Using keyboard-interactive authentication.
Reenter New Password: my-new-password
Password changed.
localuser@ManagementServer:~>

User_Account_1.png

The user has been created.

By default, the role name for the user is vplexuser, and shell-access is set to false.

The role name needs to be changed to readonly and the shell-access to true to discover the VPLEX system by using BMC Discovery.


Note

The readonly role limits users to performing read-only commands with the CLI, ensuring the user will not invoke commands that damage or inhibit VPLEX functionality. It also ensures that automated monitoring tools or scripts (CLI or REST) don't accidentally invoke damaging or unintended commands. The administrator can create one or more accounts that have the readonly role. vplexuser role accounts (as well as authorized VPLEX LDAP accounts) created by the Administrator may be defined as readonly when deemed necessary.


  1. Change the path to /management-server/users/local/TestUser.Enter:
    cd /management-server/users/local/TestUser
  2. To see the default value, enter the command ll.
  3. To see the role to readonly, enter:
    set role-name readonly
  4. Enter the administrator password at the prompt.
    Enter admin password:
  5. Enter the command set shell-access true.
    set shell-access true
  6. Enter the administrator password at the prompt.
    Enter admin password:
  7. To see the values, enter the command ll.

User_Account_2.png

After the procedure is complete, in BMC Discovery, add a credential of type SSH and EMC VPLEX REST API. Use the same username (TestUser) and its password for both SSH and EMC VPLEX REST API. Finally, perform a scan to discover the VPLEX Storage system.

User_Account_3.png


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*