Subscribe to this informationManaging users on the Virtual I/O Server
You can create, list, change, switch, and remove users by using Virtual I/O Server or the IBM® Tivoli® Identity Manager.
When the Virtual I/O Server is installed, the only user type that is active is the prime administrator (padmin having the default role PAdmin). The prime administrator can create additional user IDs with types of system administrator, service representative, development engineer, or other users with different roles.
The following table lists the user management tasks available on the Virtual I/O Server, as well as the commands you must run to accomplish each task.
| Task | Command |
|---|---|
| Change passwords | cfgassist |
| Create a system administrator user ID | mkuser. This assigns Admin as the default role. |
| Create a service representative (SR) user ID | mkuser with the -sr flag. This assigns SRUser as the default role. |
| Create a development engineer (DE) user ID | mkuser with the -de flag. This assigns DEUser as the default role. |
| Create users with varied access rights | mkuser with the -attr flag by specifying roles and default_roles attributes. This assigns users with varied access rights, enabling them to access a varied set of commands. |
| Create an LDAP user | mkuser with the -ldap flag |
| List a user's attributes For example, determine whether a user is an LDAP user. |
lsuser |
| Change a user's attributes | chuser |
| Switch to another user | su |
| Remove a user | rmuser |
You can use the IBM Tivoli Identity Manager to automate the management of Virtual I/O Server users. Tivoli Identity Manager provides a Virtual I/O Server adapter that acts as an interface between the Virtual I/O Server and the Tivoli Identity Manager Server. The adapter acts as a trusted virtual administrator on the Virtual I/O Server, performing tasks like the following:
- Creating a user ID to authorize access to the Virtual I/O Server.
- Modifying an existing user ID to access the Virtual I/O Server.
- Removing access from a user ID. This deletes the user ID from the Virtual I/O Server.
- Suspending a user account by temporarily deactivating access to the Virtual I/O Server.
- Restoring a user account by reactivating access to the Virtual I/O Server.
- Changing a user account password on the Virtual I/O Server.
- Reconciling the user information of all current users on the Virtual I/O Server.
- Reconciling the user information of a particular user account on the Virtual I/O Server by performing a lookup.
For more information, see the IBM Tivoli Identity Manager product manuals.
