Only Organization Administrators can see the Users tab on the top navigation bar. If you click the Users tab, the Users category and links appear. These pages enable you to grant and edit permissions for those who administer your system groups. Click in the User List to modify users within your organization.
Click the create new user link on the top-right corner of the page to add new users to the organization. When registering a system, a user account can be created and added to the organization. This should be coordinated by the Organization Administrator. Refer to Section 5.3 Registering a User Account for instructions.
On the Create User page, complete all required fields, including all login information. To delegate responsibilities within your organization, Red Hat Network provides several roles with varying degrees of responsibility and access. This list describes the permissions of each and the differences between them:
User — Also known as a System Group User, this is the standard role associated with any newly created user. This person may be granted access to manage system groups and software channels. The systems must be in system groups to which the user has permissions for them to be manageable or even visible. Remember, however, all globally subscribable channels may be used by anyone.
Activation Key Administrator — This role is designed to manage your organization's collection of activation keys. This person can create, modify, and delete any key within your overarching account.
INCLUDE — This role has complete access to the software channels and related associations within your organization. It requires RHN Satellite Server or RHN Proxy Server. This person may change the base channels of systems, make channels globally subscribable, and create entirely new channels.
Configuration Administrator — This role enables the user to manage the configuration of systems in the organization using either the RHN website or the Red Hat Network Configuration Manager.
Monitoring Administrator — This role allows for the scheduling of probes and oversight of other Monitoring infrastructure. This role is available only on Monitoring-enabled RHN Satellite Server version 3.6 or later.
Organization Administrator — This role can perform any function available within Red Hat Network. As the master account for your organization, the person holding this role can alter the privileges of all other accounts, as well as conduct any of the tasks available to the other roles. Like the other roles, multiple Organization Administrators may exist.
System Group Administrator — This role is one step below Organization Administrator in that it has complete authority over the systems and system groups to which it is granted access. This person can create new system groups, delete any assigned systems groups, add systems to groups, and manage user access to groups.
Click the Create Login button on the bottom right-hand corner of the page to create the user. Once the login is created, you can click on the username in the User List to make system and group assignments. Refer to Section 6.8.1.1 User List ⇒ Active ⇒ User Details — for more information.
This tab lists all active users of your RHN account. It displays the following basic information about each user: their username, real name, roles, and the date of their last sign in.
As shown in Figure 6-20, each row in the User List represents a user within your organization. There are four columns of information for each user:
Username — The login name of the user. If you click on a username, the User Details page for the user is displayed. Refer to Section 6.8.1.1 User List ⇒ Active ⇒ User Details — for more information.
Real Name — The full name of the user (last name first).
Roles — List of the user's privileges, such as Organization Administrator, Channel Administrator and normal user. Users can have multiple roles.
Last Sign In — Shows when the user last logged into RHN.
The User Details page allows Organization Administrators to manage the permissions and activity of all users. Included in the User Details page is the ability to delete or deactivate users.
Users may now be deactivated directly from the RHN web interface. RHN Satellite Server customers may deactivate or delete users from their systems, although non-Satellite customers must contact Customer Service to delete a user. Users may be deactivated or deleted by Organization Administrators, or users may deactivate their own accounts.
Deactivated users cannot log in to the RHN web interface, nor may they schedule any actions. Organization Administrators may not be deactivated until that role is removed from their account. Actions scheduled by a user prior to their deactivation remain in the action queue. For added flexibility, deactivated users may be reactivated by Organization Administrators.
User deletion from the web interface is available exclusively to RHN Satellite Server customers. The Organization Administrator role must be removed from a user before that individual may be deleted.
Warning | |
---|---|
User deletion is irreversible; exercise it with caution. Consider disabling the user first in order to assess the effect deletion will have on your infrastructure. |
To deactivate a user:
Navigate to the user's User Details tab.
Verify that the user is not an Organization Administrator. If they are, uncheck the box to the left of that role and click the Submit button in the lower right of the screen.
Click the deactivate user link in the upper right of the screen.
Click the Deactivate User button in the lower right to confirm.
To delete a user:
Navigate to the user's User Details tab.
Verify that the user is not an Organization Administrator and remove that role if necessary.
Click the delete user link in the upper right.
Click the Delete User button to permanently delete the user.
For instructions regarding deactivating your own account, refer to Section 6.3.1.3 Account Deactivation.
This is the default User Details tab, which displays the username, first name, last name, email address, and user roles for the user. All of this information is modifiable. To do so, make your changes and click the Update button. Remember, when changing a user's password, you will see only asterisks as you type the password.
While it is possible for one Organization Administrator to remove Organization Administrator rights from another user, it is impossible to remove Organization Administrator rights from the sole remaining Organization Administrator. It is possible to remove your own Organization Administrator privileges so long as you are not the last Organization Administrator.
To assign a user a new role, select the appropriate checkbox. Remember that Organization Administrators are automatically granted administration access to all other roles, signified by grayed-out checkboxes. To grant a user the ability to manage the configuration of systems, select the Configuration Administrator checkbox. When satisfied with the changes, click Update.
This tab displays a list of system groups that the user may administer. Organization Administrators may use the check boxes to set this user's access permissions to each system group. Check or uncheck the box to the left of the system group and click the Update Permissions button to save the changes.
Organization Administrators may select one or more default system groups for this user. When the user registers a system, that system is assigned to the selected group or groups. This allows the user to have access to the newly-registered system immediately, if he or she has permissions to one or more of the groups to which the system is assigned. System Groups to which this user has access are preceded by an (*).
This tab lists all systems to which the user has access permission. These systems come from the system groups assigned to the user on the previous tab. You may choose a set of systems to work with by checking the boxes to the left of the systems and clicking the Update List button. Use the System Set Manager page to execute actions on those systems. Clicking the name of a system takes you to its System Details page. Refer to Section 6.4.2.8 System Details for more information.
This tab lists all channels available to your organization. You may grant explicit channel subscription permission to this user for each of the channels listed by checking the box to the left of the channel and clicking the Update Permissions button. Permissions granted through Organization Administrator status, INCLUDE status, or because the channel is globally subscribable have no checkbox, but display a check icon instead.
Identifies channels to which the user may subscribe systems. To change these, select or unselect the appropriate checkboxes and click the Update Permissions button. Note that channels subscribable through the user's admin status or the channel's global setting cannot be altered. They are identified with a check icon.
Identifies channels the user may manage. To change these, select or unselect the appropriate checkboxes and click the Update Permissions button. This status does not enable the user to create new channels. Note that channels automatically manageable through the user's admin status cannot be altered. They are identified with a check icon. Remember, Organization Administrators and Channel Administrators can subscribe to or manage any channel.
This page allows you to configure whether the user receives email notifications, the number of entries displayed per list page, and the timezone of the user. Make selections and click the Save Preferences button to update.
Email Notification — Determine whether this user should receive email every time an Errata Alert is applicable to one or more systems in his or her RHN account, as well as daily summaries of system events.
RHN List Page Size — Maximum number of items that appear in a list on a single page. If more items are in the list, clicking the Next button displays the next group of items. This preference applies to the user's view of system lists, Errata lists, package lists, and so on.
Time Zone — Set this user's time zone so that scheduled actions are arranged according to the time in the relevant time zone.
Red Hat Contact Options — Identify what ways (email, phone, fax, or mail) Red Hat may contact the user.
To modify any of these options, make your changes and click the Save Preferences button.
This tab lists the addresses associated with the user's account. To update this information, click the appropriate Edit this address link, enter the relevant information, and click the Update button.
This tab lists email and pager addresses designated to receive alerts from Monitoring probes. To create a method, click create new method and complete the fields. If you will receive these alerts via pager, select the associated checkbox to have the messages sent in a shorter format. When finished, click Create Method. The method shows up in the Methods list, from which it can be edited and deleted.
You may delete notification methods here, as well. If the notification method has probes attached to it, you are presented with a list of the probes. Note that if you are a Monitoring Administrator and cannot manage the system in question, the System Details and probe's Current State page are not accessible via links in their names. As always, Organization Administrators have full access to all aspects of your RHN account.
This page lists all users who have been deactivated. To reactivate any of the users listed here, click the check box to the left of their name and click the Reactivate button followed by the Confirm button. Reactivated users retain the permissions and system group associations they had when they were deactivated. Clicking on the User Name of any individual takes you to their User Details page.
The All page lists all users that belong to your organization. In addition to the fields listed in the previous two screens, the table of users includes a Status field. This field indicates whether the user is Active or Deactivated. Deactivated users are also grayed out to indicate their status. Click on the username to move to the user's User Details page.