Pular para o conteúdo principal
Base de Conhecimento da FocusVision

umanage: Creating and Managing Shell Users

  Requires Decipher Cloud

1: Overview

The umanage script is used for user administration in the shell.

The script allows us to perform a range of user-related operations such as adding/updating users, getting a full list of current staff users, as well as creating and managing user groups in the shell. The umanage script can also be used to generate password reset links for users.  

umanage syntax:

umanage [option] [username] 

2: umanage Options

2.1: list  

umanage list all

The list option will show all users in the system and the following information:

  • shell username - This is the shell username of the staff account listed. If it is a dash than it means they are full staff in the portal but do not have shell access.

  • email - The staff user’s email address that is used to log into the Portal.

  • Flags:  

    • S - User is a full staff account

    • I - Portal account for this user is inactive

    • N - Shell account for this user is inactive

    • G - User not manageable by your account

  • Groups: These are groups the user belongs to. Groups control what level of access a user has to the server.

    • sudo - The user has root access to the server.

    • supervisors - The user is a supervisor and can use the umanage tool.

    • other groups - When used with ACL setup as defined below this other groups name grant access to various folders

2.2: create

umanage create email@domain.com

The create option creates a new user with the email address entered. If the user already exists it will ask if you want to keep the user or remove them. When a new user is created and shell access is granted it will output a temporary password that is to be used to access the server after which a new password must be created by that user. With ACL setups, it will prompt for the user group or full staff permissions.

2.3: password

umanage password user

Where "user" is the shell username.

The password option can be used to reset a user's shell password.

For portal passwords, you can use the password reset link through the portal or reset using the user management menu on the company page.

2.4: group

The group option changes which groups a user is a  member of.

umanage groups user +group

Adds a user to a group.

umanage groups user -group

Removes a user from a group.

umanage groups user -all 

Removes a user from all groups.

2.5: disable

Depending on the user's account type, the syntax for the disable option will be one of the following:

 

If you are disabling a staff user without shell access.

umanage disable email@domain.com

If you are disabling a staff user with shell access.

umanage disable user

Where "user" is the shell username for that person's account.

This disables access to both the portal and shell (if applicable).

2.6: enable

Depending on the user's account type, the syntax for the enable option will be one of the following:

If you are enabling a staff user without shell access.

umanage enable email@domain.com

If you are enabling a staff user with shell access.

umanage enable user

Where “user” is the shell username for that person's account.

This re-enables access to both the portal and shell (if applicable).

2.7: link

umanage link <email><shell>

The link option associates a shell account to a portal account that is not already linked.

Unlinked shell accounts will display a "- " for email when using umanage list.

3: ACL Required Options

All options listed below require the enabling of access control lists (ACL) at the server level.

3.1: newgroup

umanage newgroup <group name> 

The newgroup option creates a new restricted user group to be used when restricting access to a directory.

3.2: set  

umanage set <directory> <group>

The set option sets ownership of a directory to a specific group. This allows you to restrict access of a directory so only specific users can modify it.

3.3: demote

umanage demote email@domain.com

The demote option removes staff permissions from a user, but it keeps the shell account.

3.4: promote

umanage promote email@domain.com

Use the promote option to turn an existing restricted user into a full staff user in the portal and will add all group names to their membership

3.5: get

umanage get <directory>

The get option allows you to view groups with ownership of a directory.

  • Este artigo foi útil?