Manual Chapter : Users User Groups and Roles

Applies To:

Show Versions Show Versions

BIG-IQ Device

  • 4.4.0
Manual Chapter

About users, user groups, and roles

A user is an individual to whom you provide resources. You provide access to users for specific BIG-IQ system functionality through authentication. You can associate a user with a specific role, or associate a user with a user group and then associate the group with a role. A role is defined by its specific privileges. A user group is a group of individuals that have access to the same resources. When you associate a role with a user or user group, that user or user group is granted all of the role's corresponding privileges.

Changing the default password for the administrator user

You must specify the management IP address settings for the BIG-IQ system to prompt the system automatically create the administrator user.
After you initially license and configure the BIG-IQ system, it is important to change the password for the administrator password user from the default password, admin.
  1. Log in to BIG-IQ System with your administrator user name and password.
  2. At the top of the screen, click Access Control.
  3. On the Users panel, click the properties gear for Admin User.
  4. In the Old Password field, type the password.
  5. In the Password and Confirm Password fields, type a new password.
  6. Click the Add button.

Changing the default password for the root user

You must specify the management IP address settings for the BIG-IQ system to prompt the system automatically create the root user.
After you initially license and configure the BIG-IQ system, it is important to change the password for the root user from the default password, default.
  1. Log in to BIG-IQ Device with your administrator user name and password.
  2. At the top of the screen, click Access Control.
  3. On the Users panel, click the gear icon for the root user.
  4. In the Old Password field, type the password.
  5. In the Password and Confirm Password fields, type a new password.
  6. Click the Save button.

Creating a BIG-IQ system user

You create a user so you can then associate that user with a particular role to define access to specific BIG-IQ system resources.
  1. Log in to BIG-IQ System with your administrator user name and password.
  2. At the top of the screen, click Access Control.
  3. Hover over the Users header, and click the + icon when it appears. The panel expands to display the User properties.
  4. From the Auth Provider list, select the provider that supplies the credentials required for authentication.
  5. In the Full Name field, type a name to identify this user. The full name can contain a combination of symbols, letters, numbers and spaces.
  6. In the Password and Confirm Password fields, type the password for the new user.
  7. Click the Add button.
You can now associate this user with a role.

Associating a user or user group with a role

Before you can associate a user or user group with a role, you must create a user or user group.
When you associate a user or user group with a role, you define the resources users can view and modify.
  1. Log in to BIG-IQ System with your administrator user name and password.
  2. At the top of the screen, click Access Control.
  3. In the Users or User Groups panel, click the name you want to associate with a role, and drag and drop it on a role in the Roles panel. A confirmation pop-up screen opens.
  4. Click the Confirm button to assign the user or user group to the selected role.
This user or user group now has access to the resources associated with the role you specified.

Disassociating a user from a role

Use this procedure to disassociate a user from an assigned role.
  1. Log in to BIG-IQ System with your administrator user name and password.
  2. At the top of the screen, click System >Users.
  3. Click the name of the user you want to edit.
  4. For the User Roles property, delete the user role that you want to disassociate from this user.
  5. Click the Save button to save your changes.
This user no longer has the privileges associated with the role you deleted.