Applies To:

Show Versions Show Versions

Manual Chapter: Managing User Account Data
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

9
When you manage BIG-IP® systems, you usually create and manage user accounts individually on each of these devices. If you have a large number of systems, it can be labor intensive to keep track every users specific privileges on each device.
Using Enterprise ManagerTM to manage user accounts saves you valuable time by providing you lists of all users in your network, and each device on which they have access privileges. You can also view user accounts in the context of device groups to see which users have access to which devices in a custom device group.
Note: See the Managing User Accounts chapter in the TMOS® Management Guide for BIG-IP® Systems for further information about user accounts, including understanding user account types and user roles, and managing an authentication source.
You can view all users for the managed devices in your network from the Enterprise Manager user list. The user list provides you centralized access to details about each user account, without requiring that you to log on to the individual devices.
On the navigation pane, expand Enterprise Manager and click Users.
The users list displays. The numbers in the Devices and Device Group columns indicate how many devices or device groups to which a user has access.
Figure 9.1 User list example
For either option you choose, the user properties list opens, listing the users web access and shell (or console) access roles on each device or device group. From these screens, you can drill down further for more detail about the users roles on devices and in device groups.
Note: On the user-specific device groups screen, a role may be labeled as Mixed. This indicates that the user has different roles on at least two unique devices that are members of the selected device group.
1.
On the Main tab, expand Enterprise Management, and click Devices.
The Device List screen opens.
3.
On the menu bar, click Launch Pad.
The Launch Pad screen opens.
4.
In the Type column, click the Users link.
The device user list opens to display all the users on the currently selected device.
On some user screens, Enterprise Manager provides a link to the managed devices Configuration utility. You can use this link to manage a specific user account on the managed device.
On the User Properties list screen, or the Device Group User Access screen, click the Launch link to open the managed devices configuration utility to manage the adjacent user account.
When you configure user account information on a BIG-IP system, you set parameters such as user names and passwords, shell access information, web interface and root access privileges, and an authentication source. When you configure BIG-IP systems individually, you must log on to each device and specify these parameters.
To configure this information more quickly and easily, you can use the Manager Copy User Access Configuration wizard. With this feature, you can create a common user account configuration on one device, and replicate that user account information on as many devices as required. This means that you can efficiently add new users and user account information to devices in your network from one central location.
The Copy User Access Configuration wizard functions in a manner similar to other wizards in Enterprise Manager and involves starting a task, selecting a target and source device, setting task options, and reviewing task settings before starting the task.
1.
On the Main tab, expand Enterprise Management, and click Tasks.
The Task List Screen opens.
2.
Click New Task.
The New Task screen opens.
3.
For the User Access, option, click Copy User Access Configuration.
4.
Click Next to move to the Step 1 of 3 screen.
On the Step 1 of 3 screen of the wizard, you can select source and destination devices, and choose what type of configuration data to copy.
1.
From the Source Device list, select the device that you want to use as the data source for user configuration data.
2.
For Configuration Data, check the box next to each type of data that you want to copy from the source device.
3.
From the Device Group list, select one of the following options to specify the types of devices displayed.
4.
From the Devices list, select an option to further narrow the managed devices displayed.
5.
In the Compatible Devices area, check the box next to each device to which you want to copy configuration data.
6.
Click Next to move to Step 2 of 3.
1.
From the Device Users list, select the action that you want the system to take when copying user accounts to a destination device.
Add users not already present on the device: The system adds users from the source device to the user list on each destination device, without changing any user account information already configured on the destination device.
Replace users on device: The system deletes the user account list on the destination device and replaces it with the user account list from the source device.
2.
From the Device Error Behavior list, select the action you want the system to take if an error occurs during installation.
Continue task on remaining devices: The system continues installing the software for selected devices on which an error was not encountered, until the task is finished.
Cancel task on remaining devices: The system stops the task immediately if an error occurs, and does not complete the installation on any devices still pending.
3.
Click Next to move to the Step 3 of 3 screen.
You can review task options and start the task from the Task Review screen. This screen summarizes the task, including the source device, the configuration data to be copied, and the destination devices.
1.
To remove any user accounts from the configuration copy task, in the Configuration Data table, click the Edit link adjacent to the Users entry.
The Configuration Data screen opens, where you can specify users to include in the task.
2.
When the settings are correct, click Start Task.
The Task Properties screen opens and displays information about the configuration copy task.
In addition to the Copy User Access Configuration wizard, you can initiate a configuration copy task for a specific device from the device Launch Pad screen. The Launch Pad screen provides an overview of user accounts, shell access settings, and authentication information for a device.
1.
On the Main tab, expand Enterprise Management, and click Devices.
The Device List screen opens.
2.
Click the name of the device that contains the user configuration data that you want to copy to another device.
The Device Properties screen opens.
3.
On the menu bar, click Launch Pad.
The Launch Pad screen opens.
5.
Below the list, click Copy.
The Step 1 of 3 screen of the Copy User Access Configuration wizard opens with the Source Device and Configuration Data settings selected.
Tip: If you want to select specific users to copy during the copy configuration task, click the Users link in the Device Settings table to open the device user list where you can select specific user accounts to include in the task.
When you use Enterprise Manager as your user management system, you can create a task to automate a password change process for any user on any managed device in your network. This saves time as well as ensures that when you change a user account password, the new password is identical for the user on each device that you select.
You can use the Change User Password to assist you with changing user passwords. This wizard works in a way similar to other wizards in Enterprise Manager, and involves four main procedures:
Selecting the user whose password you want to change and specifying the devices on which you want to change the password
1.
On the Main tab, expand Enterprise Management, and click Tasks.
The Task List Screen opens.
2.
Click New Task.
The New Task screen opens.
3.
For the User Access setting, select the Change User Password option, and click Next.
The Step 1 of 4 screen opens.
1.
From the User Name list, select the user whose password you want to change.
2.
From the Device Group list, specify the types of devices displayed.
3.
From the Devices list, select an option to further narrow the managed devices displayed.
4.
In the Compatible Devices area, check the box next to each device for which you want to change the users password.
5.
Click Next to move to Step 2 of 4.
1.
For the Authentication setting, in the Password box type the new user password.
2.
In the Confirm box, re-type the password.
3.
Click Next to move to Step 3 of 4.
1.
From the Device Error Behavior list, select the action you want the system to take if an error occurs during installation.
Continue task on remaining devices: The system continues installing the software for selected devices on which an error was not encountered, until the task is finished.
Cancel task on remaining devices: The system stops the task immediately if an error occurs, and does not complete the installation on any devices still pending.
2.
Click Next to move to the Step 4 of 4 screen.
The Step 4 of 4 screen summarizes the task, including the user account for which you are changing the password, and the devices on which you are changing the users password.
1.
To change the password you specified on the Step 2 screen, click the Edit link adjacent to the User Name entry.
The Edit Task Item screen appears where you can specify a new password for the task.
2.
When the settings are correct, click Start Task.
The Task Properties screen opens and displays information about the configuration copy task.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)