Access Appliance Online Help
- Getting started- About Access Appliance
- Enabling certificate-based authentication in Access Appliance
- Configuring storage for LTR
- About the dashboard
- Setting up the storage type for provisioning
- About the CIFS shares
- About managing CIFS shares for Enterprise Vault
- About the NFS shares
- About an iSCSI target
- Creating an iSCSI target and provisioning LUNs
- About S3 buckets for NetBackup
- Using the Access Appliance product documentation
- Changing your password
 
- Managing storage
- Managing file sharing services
- Monitoring and troubleshooting
- Provisioning and managing file systems- Creating a file system
- Setting the maximum IOPS
- Creating a snapshot
- Restoring a snapshot
- Configuring a replication job- Stopping or starting a replication job for VVR
- Pausing and resuming a replication job for VVR
- Enabling or disabling a replication job for VFR
- Synchronizing a replication job for VFR
- Failing over or failing back a replication job for VVR
- Failing over or failing back a replication job for VFR
- Unconfiguring a replication job for VFR
- Unconfiguring a replication job for VVR
 
- Viewing the list of iSCSI targets
- Adding an initiator for an iSCSI target
- Removing an initiator for an iSCSI target
- Adding portal IPs for an iSCSI target
- Setting up authentication for an iSCSI target
- Viewing the list of initiators for an iSCSI target
- Viewing the portal IPs for an iSCSI target
- Removing portal IPs for an iSCSI target
- Removing authentication settings for an iSCSI target
- Removing an iSCSI target
- Removing the file system store for an iSCSI target
- Viewing the list of LUNs for an iSCSI target
- Creating a LUN for an iSCSI target
- Increasing the size of a LUN for an iSCSI target
- Reducing the size of a LUN for an iSCSI target
- Removing a LUN for an iSCSI target
- Cloning a LUN for an iSCSI target
- Creating a snapshot of a LUN for an iSCSI target
- Viewing the list of snapshots for an iSCSI target
- Removing a LUN snapshot
- Restoring a LUN snapshot
 
- Provisioning and managing shares- About file sharing protocols
- About concurrent access
- About concurrent access with NFS and S3
- Sharing directories using CIFS and NFS protocols
- Adding a share
- NFS protocol options
- CIFS protocol options
- About buckets and objects
- About Active Directory (AD)
- Logging on as an active directory user
- Creating access and secret keys for an active directory user
- Exporting an NFS share as an S3 bucket
- Viewing information about a share
- Accessing share details
- Configuring a favorite share
- Deleting a share
- Managing permissions for CIFS shares
- Managing clients for the NFS shares
 
- Managing policies- About policies for storage provisioning
- About policies for long-term data retention
- About policies for archiving data using Enterprise Vault
- About policies for file systems
- About pattern matching for data movement policies
- Viewing information about policies
- Activating storage policy templates
- Activating long-term data retention policies
- Activating archival policies
- Creating an S3 bucket
- About cloud-storage tiering
- Workflow for adding a cloud tier
- About tiering policies
- Adding a secondary tier
- Viewing information about the secondary tier
- Adding or editing a tier policy on a secondary tier
- Creating a policy schedule
 
- Managing settings- Viewing Access Appliance settings
- About the cloud gateway
- Viewing information about cloud services
- Adding and removing a cloud service
- Viewing discovery information about your cluster
- About the Lightweight Directory Access Protocol
- Configuring LDAP
- Configuring Active Directory
- About user management
- Adding and removing user roles using GUI
- Performing user management using CLISH
- Configuring the NTP server
- Starting or stopping the CIFS or NFS servers
- Starting or stopping the S3 server
- Adding or removing storage pools for S3 users
- Configuring the /etc/hosts file for mapping of S3 users
- Registering a NetBackup master server or an EMM server
- Modifying a NetBackup media server list
- Viewing information about your NetBackup configuration with Access Appliance
- About cluster management
- Setting up the time and the time zone for the cluster
- About replication
- Viewing information about events
- Purging events
- About Access Appliance product licensing
- Setting object server default parameters
- Setting up the object server group-specific parameters
- Viewing information about S3
- Configuring the KMS server
- About the CIFS service management
- Setting up the home directory
- About the File Transfer Protocol
- About Veritas Data Deduplication
- About alert management
- STIG overview for Access Appliance
- FIPS compatibility list
 
- Index
Performing user management using CLISH
The following administrator roles are included with Access Appliance:
- Master 
- System Administrator 
- Storage Administrator 
You can add additional users with these roles. To add the different administrator roles, you must have master privilege.
Note:
When adding a new user, you must assign a password.
To add a user with specific privileges
- Enter the following to add a user with specific privileges:Admin> user add username role where role is the role that you want to assign to the user. 
Note:
The AD username cannot contain space.
To delete a user
- Enter the following to delete a specified user from the current system.Admin> user delete username 
To change a user's password
- Enter the following command to change the password for the current user:Admin> passwd You are prompted to enter the old password first. If the password matches, then you are prompted to enter the new password for the current user. 
- Enter the following command to change the password for a user other than the current user:Admin> passwd [username] You are prompted to enter the old password first. If the password matches, then you are prompted to enter the new password for the user. Note: A user that does not have master role (Appliance Administrator role) cannot change the password via command-line interface (by connecting to a node using SSH and accessing the command-line interface). The user must log in to the Access Appliance GUI and change the password. 
- To change the default password of the sysadmin user (IPMI user account), enter the following command:Admin> ipmi passwd username old_password new_password where username is sysadmin 
To display a list of current users
- Enter the following to display the current user:Admin> show [username] 
- Enter the following to display a list of all the current users:Admin> show Enter the following to display the details of the administrator with the user name master: Admin> show master 
To add master role to a local or domain user
- Enter the following to add a user role to  Access Appliance:Admin> user modify role add username role domain where domain can be local, ad or ldap. - Domain is an optional argument with the default value as local. 
- For local user, only the username is required. 
- You can assign only a master role to LDAP and AD users. 
- For AD, enter - domain\\username.
- For LDAP, enter - username.
 
To delete a master role from a local or domain user
- Enter the following to delete the master role from a user account:Admin> user modify role delete username role domain 
To add a role to a domain group
- Enter the following to add a role to a specific domain group:Admin> group modify role add groupname role domain where domain can be ad or ldap. 
Note:
The AD group name cannot contain a space.
- For AD, enter - domain\\groupname.
- For LDAP, enter - groupname.
To remove a role from a domain group
- Enter the following to delete the specified role  from  a specific domain group:Admin> group modify role delete groupname role domain where domain can be ad or ldap. 
Note:
If the domain user is AD or LDAP, then you must configure NSS for that user using the Network nsswitch conf command. For an LDAP user, the NSS lookup should be set to ldap and for an AD user, the NSS lookup should be set to winbind. For more information,