To create local users and groups in SuperADMIN, use the
This page contains a worked example of:
- Creating new user accounts for the users John Smith and Jane Doe.
- Creating a group called standardusers.
- Adding the new users to this group.
To create these new users, login to SuperADMIN, then use the following commands:
Create the user accounts:TEXT
> account createuser jsmith "John Smith" us$rpwd! > account createuser jdoe "Jane Doe" us$rpwd2!
In this example:
jsmith and jdoe are the unique IDs for these new users.
- John Smith and Jane Doe are the display names for these users. Quotes need to be used because the names have a space in them.
- The passwords are specified inline. As an alternative you can omit the password and you will be prompted to enter and confirm the user password.
Create the new group:TEXT
> account creategroup standardusers "Standard System Users"
Add the new users to this group:TEXT
> account jsmith addmembership standardusers > account jdoe addmembership standardusers
We now can check the group to confirm the list of group members using the following command:TEXT
> account standardusers users [jdoe:Jane Doe, jsmith:John Smith]
These new users can now login using one of the clients, but they will not have access to any databases on this server. To change that, we need to use the
Suppose we want to give these users access to the sample Retail Banking database. We can do this by giving the new group access, using the
> cat bank access standardusers read true
In this case bank is the internal ID for the Retail Banking database. You can find out the database ID of any database by typing the
catcommand on its own (this will list all the databases on this server, showing their database IDs).
The two new users can now login using one of the clients (such as SuperCROSS or SuperWEB2) and access the Retail Banking database.
Other Typical Settings
The following are some other typical changes you might need to make to the user accounts. All of these commands are explained in more detail in the
account reference page:
|Check or set the maximum login attempts before an account is locked|
As a security measure, you can configure user accounts to automatically lock if the wrong password is entered a certain number of times.
If you do not want accounts to lock at all, no matter how many times users provide the wrong details, set this to
account maxattempts 3
|Set the lock time for accounts|
If an account becomes locked because of too many failed logins you can set a time (in seconds) before the account automatically unlocks. During this time the user will not be able to login even if they specify the correct credentials.
If you set the
account locktime 60
|Lock or unlock a user's account||Use the |
account jsmith lock
Change a user's password
| Use the |
account jsmith setpassword
Note about Deleting Users and Groups and Reuse of User and Group IDs
If you delete a user account or group, you are recommended not to reuse the ID when creating subsequent users or groups. Due to a known issue, in some cases a new user or group may inherit the permission of the previous user or group, if they share the same user ID.
For this reason, you are recommended not to reuse IDs from previously deleted users and groups when creating new users and groups. The problem only occurs when IDs are reused; you can use the same display name as a previously deleted user or group and the issue will not occur (as long as the ID is different).