If you are using a single sign on, you may need to ask your system administrator to update your details
To disable this option for standard users:
If the administrator can only manage users in one tenant, or logs in to multiple tenants separately, the platform displays the Users panel without the Enterprises list.
Before you begin:
The enterprise that the user will belong to.
The user's first name and family name
The Role of the user defining their set of privileges on the platform
|Scope||The Scope of a user defining the set of enterprise and datacenters that they can manage on the platform|
The username for login. After you create the user, you cannot change the username
The user account password. Requirements are set by the options of Configuration → Security. See also Manually reset a user password
Re-enter the password
The contact e-mail address of the user for platform messages, including password reset. The platform will display a Gravatar icon associated with this address on the Users's card
|Phone number||The phone number of the user. The platform will not validate this field.|
By default, all users can access all virtual datacenters. This tab will not display if the user you are creating or editing has the No VDC restriction privilege.
Select one or more checkboxes to create a list of virtual datacenters to allow the user access.
If none are selected, the user can access all VDCs.
Optional description of the user account, maximum 100 characters
|Public key||SSH key for secure access to VMs. Add this key before you create your VMs|
|Allowed CIDRs||To restrict user access, enter the allowed network addresses in CIDR format. This network address will have priority inherited allowed CIDRs. Requires the Manage user allowed CIDRs privilege. By default users can access the platform from any IP address.|
|Inherited allowed CIDRs||If the user does not have allowed CIDRs, and the user's role and/or scope have CIDRs, then the platform will display the allowed CIDRs that apply to the user, which are inherited from the role and/or scope.|
|Reset password on next login|
If this checkbox is selected, the user must reset their password the next time they log in.
If this checkbox is selected, the user account is active and the user can log in.
If you need to stop a user from working with or logging in to the platform on a temporary basis, you can suspend the user account.
To suspend a user account:
The platform will suspend the account. When a user account is suspended, the platform will log the user out immediately. Be careful not to disable your own account! Fortunately, the main cloud administrator account cannot be disabled.
To enable the user account again, select the Activated checkbox.
If the user makes too many failed login attempts, the platform will automatically suspend their account for the account lock duration or until it is enabled by an administrator.
If a user cannot automatically reset their password or if the user account is locked for too many password attempts, you can manually reset the password and unlock the account.
To manually reset a user password:
The user password will be reset. Notify the user of their new password.
If you manage users in multiple tenants, to move a user to another tenant:
Note that you cannot edit the user to change the user's enterprise.
To display the users in card view, select the card view tab from the view selectors in the top right-hand corner.
Users in card view
To display groups of users, click on the pages to display the following:
The user status is displayed either by a colored dot in the Activated column or in the colored tag on the user card:
To filter users and display only those with a certain text in the user details:
Display connected users
To display users that are currently connected, go to the Show logged users page.
Screenshot: to display the users who are currently logged in, in Users view, select the Show logged users tab.
The enterprise manager user will receive notification emails from the cloud administrators about physical machines and their enterprise's VMs on the platform.
To make a user an enterprise manager:
You cannot delete the default Cloud Administrator (username: admin) because the role is locked, unless you are another user with the same locked role (CLOUD_ADMIN). However, there must always be at least one user with this role.
Note: If you wish to delete a tenant, you do not need to delete the users manually first. When you delete an enterprise, the platform will automatically delete all tenant administrators and cloud users in the enterprise.
Abiquo will delete the user account but the user's VMs and other resources will remain on the cloud platform and users in the same enterprise with the appropriate permissions can work with them.
To only allow access from a set of network addresses for a specific user via console and API:
To restrict access of more than one user at a time, set role and/or scope CIDRs.
Screenshot: Create a scope with Allowed CIDRs.
Screenshot: Create a role with Allowed CIDRs