Next Previous

8.1 Managing HPSS Users

After the HPSS system is up and running, the administrator must create the necessary accounts for the HPSS users. For a new HPSS user, a DCE account and an FTP account must exist before the user can access HPSS via FTP. In addition, if the HPSS user needs to use SSM, a SSM account must also be created before the user can use SSM. The SSM ID should be created only for the HPSS administrators and operators.

The HPSS User Management Utility ( hpssuser ) provided with HPSS can be used by the administrator to add, delete, and list the HPSS user accounts. The utility must run as root to acquire the necessary authority to create new UNIX, FTP, and SSM IDs. The cell_admin password is also required to add a DCE ID. Refer to 12.2 HPSS Utility Manual Pages for more information on how to invoke the hpssuser utility.

8.1.1 Adding HPSS Users

The hpssuser utility can be used by the administrator to add a UNIX User ID, a DCE User ID, an FTP User ID, and an SSM User ID for an HPSS user if these IDs do not already exist. The hpssuser utility can be invoked to add all four types of User IDs for a user or to add an individual User ID.

8.1.1.1 Add all User IDs

The utility creates a UNIX User ID, a DCE User ID, an FTP User ID, and an SSM User ID for an HPSS user.

Invoke the hpssuser utility as follows to add the required User ID for an HPSS user:

 

hpssuser -add <user> -all

The utility will prompt the user for the required data. Following is an example of adding all User IDs:

 

% hpssuser -add user1 -all

 

DCE: Adding DCE User `user1' ...

 

Enter cell_admin password :

 

Acquiring cell_admin credentials ...

 

Enter User's Full Name [John Smith]: User1 Test ID

Enter User's Password [user1]:

Enter Home Directory [/home/user1]:

Enter UID [888]: 785 Enter Group [hpss]:

Enter Organization [hpss]:

 

DCE: Principal `user1' added

DCE: Account information for `user1' added

DCE: User `user1' (User1 Test ID) added to DCE Registry

 

FTP: Adding FTP User `user1' ...

FTP: Creating directory for user ... Please wait

 

scrub> scrub> Umask set to 022

scrub> scrub> Destroying cell_admin credentials ...

FTP: User `user1' added.

 

AIX: Adding AIX User `user1' ...

Enter Group [hpss]:

AIX: User `user1' added.

 

SSM: Adding SSM User `user1' ...

Enter Hostname (where SAMMI Runtime resides) [hpss]:

 

Select SAMMI Security Level :

 

1. User

2. Privileged User

3. Operator

4. Admin

 

Enter Security Level [4]:

 

SSM: User `user1' added.

SSM: The Data Server needs to be recycled for the changes to take effect.

Ensure that the Name Server and the Bitfile Server are up and running before adding the FTP or DCE User ID. The hpssuser utility will not be able to create the user's home directory if the Name Server service is not available.

8.1.1.2 Add a UNIX User ID

The utility invokes the UNIX mkuser utility to create the User ID and Password.

Invoke the hpssuser utility as follows to add a UNIX User ID:

 

hpssuser -add <user> -unix

The utility will prompt the user for the required data. Following is an example of adding a UNIX User ID:

 

% hpssuser -add user1 -unix

 

UNIX: Adding AIX User `user1' ...

 

Enter User's Full Name [John Smith]: User1 Test ID

Enter User's Password [user1]:

Enter Home Directory [/home/user1]:

Enter UID [888]: 785

Enter Group [hpss]:

 

UNIX: User `user1' added.

8.1.1.3 Add a DCE User ID

The hpssuser utility invokes the DCE rgy_edit utility to create the DCE principal and account.

Invoke the hpssuser utility as follows to add a DCE User ID:

 

hpssuser -add <user> -dce

The utility will prompt the user for the required data. Following is an example of adding a DCE User ID:

 

% hpssuser -add user1 -dce

 

DCE: Adding DCE User `user1' ...

Enter cell_admin password :

Acquiring cell_admin credentials ...

 

Enter User's Full Name [John Smith]: User1 Test ID

Enter User's Password [user1]:

Enter Home Directory [/home/user1]:

Enter UID [888]: 785

Enter Group [hpss]:

Enter Organization [hpss]:

 

DCE: Principal `user1' added

DCE: Account information for `user1' added

DCE: User `user1' (User1 Test ID) added to DCE Registry

If Site-style accounting is used and Account Validation is disabled, add the -aaid=<id> option to the above invocation to apply a default account index to a user.

 

The hpssuser utility set the DCE pwdvalid flag to "no". DCE user must changed their DCE password upon logging onto DCE for the first time.

Ensure that the Name Server and the Bitfile Server are up and running before adding the FTP or DCE User ID. The hpssuser utility will not be able to create the user's home directory if the Name Server service is not available.

8.1.1.4 Add an FTP User ID

The hpssuser utility adds a password entry in the FTP Password file and create the user's home directory in HPSS.

Invoke the hpssuser utility as follows to create an FTP User ID:

 

hpssuser -add <user> -ftp

The utility will prompt the user for the required data. Following is an example of adding an FTP User ID:

 

% hpssuser -add user1 -ftp

 

FTP: Adding FTP User `user1' ...

 

Enter User's Full Name [John Smith]: User1 Test ID

Enter User's Password [user1]:

Enter Home Directory [/home/user1]:

Enter UID [888]: 785

Enter Group [hpss]:

 

FTP: Creating directory for user ... Please wait

scrub> scrub> Umask set to 022

FTP: User `user1' added.

Ensure that the Name Server and the Bitfile Server are up and running before adding the FTP User ID. The hpssuser utility will not be able to create the user's home directory if the Name Server service is not available.

8.1.1.5 Add an SSM User ID

The hpssuser utility creates an SSM Configuration directory for the user, creates the SSM User Configuration file ( ssm_console.dat ), adds the user's ID and security level in the SSM Authorization file ( user_authorization.dat ) and adds the user session's communication information into the api_config.dat file. Refer to [Section H.5] for more complete details on how the hpssuser utility sets up an SSM user. Refer to 11.1 SSM Security for more information on the SSM user security.

Invoke the hpssuser utility as follows to add an SSM User ID:

 

hpssuser -add <user> -ssm

The utility will prompt the user for the required data. Following is an example of adding an SSM User ID:

 

% hpssuser -add user1 -ssm

 

SSM: Adding SSM User `user1' ...

 

Enter User's Full Name [John Smith]: User1 Test ID

Enter Group [hpss]:

Enter Hostname (where SAMMI Runtime resides) [hpss]:

 

Select SAMMI Security Level :

 

1. User
2. Privileged User
3. Operator
4. Admin

Enter Security Level [4]:

SSM: User `user1' added.
SSM: The Data Server needs to be recycled for the changes to take effect.

8.1.2 Deleting HPSS Users

The hpssuser utility can be used by the administrator to delete existing User IDs for an HPSS user. The utility can be invoked to delete all User IDs for the user or to delete an individual ID.

The utility will prompt the user for the required data. Following is an example of deleting the User IDs for an HPSS user:

 

% hpssuser -del user1 -all

 

Enter cell_admin password :

Acquiring cell_admin credentials ...

 

DCE: User `user1' deleted.

Destroying cell_admin credentials ...

 

FTP: User `user1' deleted.

 

AIX: User `user1' deleted.

 

SSM: User `user1' deleted.

SSM: The Data Server needs to be recycled for the changes to take effect.

8.1.3 Listing HPSS Users

The hpssuser utility can be used by the administrator to list all existing HPSS User IDs. The utility can be invoked to list all HPSS User IDs or a particular type of User ID.

Following is an example of listing the User IDs for an HPSS user:

 

% hpssuser -list user1 -all

 

[ DCE User Info ]

user1 [hpss hpss]:*:785:210:User1 Test ID:/home/user1::

 

[ FTP User Info ]

user1:!:785:0:User1 Test ID:/home/user1:/bin/ksh

 

[ AIX User Info ]

user1 id=785 pgrp=hpss groups=hpss,staff home=/home/user1 shell=/bin/ksh gecos=User1 Test ID

 

[ SSM User Info ]

# User: user1 (User1 Test ID)

logical_server s2_evtsvr 0x20000120 18 hpss 180 200

logical_server s2_mstalm 0x20000121 18 hpss 180 200

logical_server s2_stream 0x20000122 18 hpss 180 200

8.1 Managing HPSS Users
     8.1.1 Adding HPSS Users
          8.1.1.1 Add all User IDs
          8.1.1.2 Add a UNIX User ID
          8.1.1.3 Add a DCE User ID
          8.1.1.4 Add an FTP User ID
          8.1.1.5 Add an SSM User ID
     8.1.2 Deleting HPSS Users
     8.1.3 Listing HPSS Users

Next Previous