2.6. Managing Acronis Storage Users¶
During the management panel installation on the first node, Acronis Storage creates the default unique administrator account, superadmin. The user name for this account is
admin and the password is specified during installation. This account cannot be deleted and its privileges cannot be changed. Other than that, superadmin does not differ from a user account assigned the Administrator role (i.e. an admin).
An admin can create user accounts and assign to them one or more roles listed below:
- Administrator. Can fully manage cluster and users.
- Network. Can modify network settings and roles.
- Cluster. Can create cluster, join nodes to cluster, and manage (assign and release) disks.
- iSCSI. Can create and manage iSCSI targets and LUNs.
- S3. Can create and manage S3 cluster.
- Acronis Backup Gateway. Can create and manage Acronis Backup Gateway.
- SSH. Can add and remove SSH keys for cluster nodes access.
- Updates. Can install updates.
User accounts to which no roles are assigned are guest accounts. Guests can monitor Acronis Storage performance and parameters but cannot change any settings.
All users can change their own passwords (see Managing User Accounts).
2.6.1. Creating User Accounts¶
To create a user account in the web-based user interface, do the following:
Log in to the management panel as admin.
Open the SETTINGS > Users screen and click ADD USER.
On the Add user panel, specify the user name, password, and, if required, a user description in the corresponding fields.
Check the roles to assign to the account and click Done.
2.6.2. Managing User Accounts¶
Any user can change their account password by clicking the user icon in the top right corner of the management panel and then clicking Change password.
An admin can create/delete other users’ accounts, add/remove roles from them, change their descriptions and passwords (although superadmin’s password can only be changed by superadmin), as well as enable/disable user accounts (i.e. allow/prohibit user login). To manage a user account, login as an admin, open the Settings -> Users screen, select a user from the list, and click Configure or Delete depending on what you need to do.
2.6.3. Adding LDAP or Active Directory Users¶
You can add users and user groups to Acronis Storage from an external LDAP-compliant database or Microsoft Active Directory. These users will be able to log in using their respective user names and passwords. The set of actions these users will be able to perform in Acronis Storage will be defined by the roles you assign in Storage (listed in Managing Acronis Storage Users).
To add an LDAP (or AD) user or group to Acronis Storage, do the following:
On the SETTINGS > Advanced settings screen, open the LDAP/AD tab.
Microsoft Active Directoryfrom the Type drop-down list.
Specify the following parameters:
- IP Address of an LDAP server or AD domain controller;
- (optional) LDAP Port;
- Bind DN (a distinguished name of an LDAP authentication database user) or Login (AD);
- Bind Password (LDAP) or Password (AD);
- Search Base DN, a distinguished name of a search starting point;
- (optional) Advanced LDAP or AD parameters.
Click Save to authenticate in Active Directory or LDAP server.
On the SETTINGS > Users screen, click ADD LDAP USER.
On the Add LDAP users panel, select users or user groups to add to Acronis Storage and click Add.
On the Roles panel, select the roles to assign to selected users or user groups.
If a role is assigned to a group, every user in it is granted the corresponding privileges.
Click Add to add users to Acronis Storage.