Access Appliance Online Help

Last Published:
Product(s): Appliances (7.4.3)
Platform: Veritas 3340,Access Appliance OS
  1. Getting started
    1.  
      About Access Appliance
    2.  
      Enabling certificate-based authentication in Access Appliance
    3.  
      Configuring storage for LTR
    4.  
      About the dashboard
    5.  
      Setting up the storage type for provisioning
    6. About the CIFS shares
      1.  
        Creating a CIFS share with continuous replication
      2.  
        Creating a CIFS share with episodic replication
      3.  
        Creating a CIFS share with encryption
      4.  
        Creating a CIFS share with episodic replication and encryption
      5.  
        Creating a CIFS share without replication and encryption
    7. About managing CIFS shares for Enterprise Vault
      1.  
        Creating a CIFS share for Enterprise Vault with replication
      2.  
        Creating a CIFS share for Enterprise Vault without replication
    8. About the NFS shares
      1.  
        Creating an NFS share with continuous replication
      2.  
        Creating an NFS share with episodic replication
      3.  
        Creating an NFS share with encryption
      4.  
        Creating an NFS share with episodic replication and encryption
      5.  
        Creating an NFS share without replication and encryption
    9.  
      About an iSCSI target
    10.  
      Creating an iSCSI target and provisioning LUNs
    11. About S3 buckets for NetBackup
      1.  
        Creating an S3 bucket for NetBackup without a cloud tier
      2.  
        Creating an S3 bucket for NetBackup with a cloud tier
    12.  
      Using the Access Appliance product documentation
    13.  
      Changing your password
  2. Managing storage
    1. About storage provisioning and management
      1.  
        Adding disks to a storage pool
      2.  
        Removing disks from a storage pool
      3.  
        Viewing information about disks
      4.  
        Accessing disk details
      5.  
        Viewing information about a node in a cluster
      6.  
        Accessing node details
      7.  
        Discovering disks
      8.  
        Formatting a disk
  3. Managing file sharing services
    1.  
      About using the NFS server with Access Appliance
    2.  
      About configuring Access Appliance for CIFS
    3.  
      About the Object Store server
  4. Monitoring and troubleshooting
    1.  
      About troubleshooting
    2.  
      Monitoring command activity
    3.  
      Monitoring alerts
    4.  
      Monitoring events
    5.  
      Viewing reports
    6.  
      Viewing cluster storage usage
    7.  
      Viewing file system usage
    8.  
      About hardware monitoring
    9.  
      Viewing hardware monitoring
    10.  
      Running a full discovery
  5. Provisioning and managing file systems
    1. Creating a file system
      1.  
        Viewing the list of file systems
      2.  
        Viewing file system performance
      3.  
        Accessing file system details
      4.  
        Modifying a file system
      5.  
        Choosing a file system layout type
      6.  
        Setting up a file system online or offline
      7.  
        Deleting a file system
    2.  
      Setting the maximum IOPS
    3.  
      Creating a snapshot
    4.  
      Restoring a snapshot
    5. Configuring a replication job
      1.  
        Stopping or starting a replication job for VVR
      2.  
        Pausing and resuming a replication job for VVR
      3.  
        Enabling or disabling a replication job for VFR
      4.  
        Synchronizing a replication job for VFR
      5.  
        Failing over or failing back a replication job for VVR
      6.  
        Failing over or failing back a replication job for VFR
      7.  
        Unconfiguring a replication job for VFR
      8.  
        Unconfiguring a replication job for VVR
    6.  
      Viewing the list of iSCSI targets
    7.  
      Adding an initiator for an iSCSI target
    8.  
      Removing an initiator for an iSCSI target
    9.  
      Adding portal IPs for an iSCSI target
    10.  
      Setting up authentication for an iSCSI target
    11.  
      Viewing the list of initiators for an iSCSI target
    12.  
      Viewing the portal IPs for an iSCSI target
    13.  
      Removing portal IPs for an iSCSI target
    14.  
      Removing authentication settings for an iSCSI target
    15.  
      Removing an iSCSI target
    16.  
      Removing the file system store for an iSCSI target
    17.  
      Viewing the list of LUNs for an iSCSI target
    18.  
      Creating a LUN for an iSCSI target
    19.  
      Increasing the size of a LUN for an iSCSI target
    20.  
      Reducing the size of a LUN for an iSCSI target
    21.  
      Removing a LUN for an iSCSI target
    22.  
      Cloning a LUN for an iSCSI target
    23.  
      Creating a snapshot of a LUN for an iSCSI target
    24.  
      Viewing the list of snapshots for an iSCSI target
    25.  
      Removing a LUN snapshot
    26.  
      Restoring a LUN snapshot
  6. Provisioning and managing shares
    1.  
      About file sharing protocols
    2.  
      About concurrent access
    3.  
      About concurrent access with NFS and S3
    4.  
      Sharing directories using CIFS and NFS protocols
    5.  
      Adding a share
    6.  
      NFS protocol options
    7.  
      CIFS protocol options
    8.  
      About buckets and objects
    9.  
      About Active Directory (AD)
    10.  
      Logging on as an active directory user
    11.  
      Creating access and secret keys for an active directory user
    12.  
      Exporting an NFS share as an S3 bucket
    13.  
      Viewing information about a share
    14.  
      Accessing share details
    15.  
      Configuring a favorite share
    16.  
      Deleting a share
    17.  
      Managing permissions for CIFS shares
    18.  
      Managing clients for the NFS shares
  7. Managing policies
    1.  
      About policies for storage provisioning
    2.  
      About policies for long-term data retention
    3.  
      About policies for archiving data using Enterprise Vault
    4.  
      About policies for file systems
    5.  
      About pattern matching for data movement policies
    6.  
      Viewing information about policies
    7.  
      Activating storage policy templates
    8.  
      Activating long-term data retention policies
    9.  
      Activating archival policies
    10.  
      Creating an S3 bucket
    11.  
      About cloud-storage tiering
    12.  
      Workflow for adding a cloud tier
    13.  
      About tiering policies
    14.  
      Adding a secondary tier
    15.  
      Viewing information about the secondary tier
    16.  
      Adding or editing a tier policy on a secondary tier
    17.  
      Creating a policy schedule
  8. Managing settings
    1.  
      Viewing Access Appliance settings
    2.  
      About the cloud gateway
    3.  
      Viewing information about cloud services
    4.  
      Adding and removing a cloud service
    5.  
      Viewing discovery information about your cluster
    6.  
      About the Lightweight Directory Access Protocol
    7.  
      Configuring LDAP
    8.  
      Configuring Active Directory
    9.  
      About user management
    10.  
      Adding and removing user roles using GUI
    11.  
      Performing user management using CLISH
    12.  
      Configuring the NTP server
    13.  
      Starting or stopping the CIFS or NFS servers
    14.  
      Starting or stopping the S3 server
    15.  
      Adding or removing storage pools for S3 users
    16.  
      Configuring the /etc/hosts file for mapping of S3 users
    17.  
      Registering a NetBackup master server or an EMM server
    18.  
      Modifying a NetBackup media server list
    19.  
      Viewing information about your NetBackup configuration with Access Appliance
    20.  
      About cluster management
    21.  
      Setting up the time and the time zone for the cluster
    22. About replication
      1.  
        Viewing information about replication
      2.  
        Setting up a virtual IP for replication
      3.  
        Creating a replication link
      4.  
        Deleting a replication link
      5.  
        Modifying a replication unit
      6.  
        Deleting a replication virtual IP
      7.  
        Setting a replication schedule
    23.  
      Viewing information about events
    24.  
      Purging events
    25. About Access Appliance product licensing
      1.  
        Adding a license
      2.  
        Per-TB licensing model
      3.  
        Notes and functional enforcements for licensing
      4.  
        Viewing information about licensing
    26.  
      Setting object server default parameters
    27.  
      Setting up the object server group-specific parameters
    28.  
      Viewing information about S3
    29.  
      Configuring the KMS server
    30.  
      About the CIFS service management
    31.  
      Setting up the home directory
    32. About the File Transfer Protocol
      1.  
        Configuring the File Transfer Protocol
      2.  
        Viewing information about FTP
    33. About Veritas Data Deduplication
      1.  
        Configuring Veritas Data Deduplication using the GUI
      2.  
        Viewing information about Veritas Data Deduplication
      3.  
        Starting or stopping the Veritas Data Deduplication service
      4.  
        Increasing storage for Veritas Data Deduplication
      5.  
        Unconfiguring Veritas Data Deduplication
    34. About alert management
      1.  
        Viewing information about alert management
      2.  
        Managing alerts
    35.  
      STIG overview for Access Appliance
    36.  
      FIPS compatibility list
  9.  
    Index

About user management

Access Appliance enables you to add users for administering your appliance. Your privileges within Access Appliance are based on what user role you have been assigned.

The following table provides an overview of the user roles within Access Appliance.

Table: User roles within Access Appliance

User role

Description

Master

Master has all of the permissions including adding and deleting users, displaying users, and managing passwords. Only the Masters can add or delete other administrators.

Vxdefault

A vxdefault user role does not have any privilege. If the user role is not specified while creating the user, then the user is created without any privileges and is termed as a vxdefault user.

You can add local users as well as users from an Active Directory (AD) server and a Lightweight Directory Access Protocol (LDAP) server. The LDAP server should be a Linux/UNIX server. Registering remote users lets you leverage your existing directory service for user management and authentication.

Each user account must authenticate itself with a user name and password to access the appliance. For a local user, the user name and password are managed on the appliance. For a registered remote user, the user name and password are managed by the remote directory service.

To add the different administrator roles, you must have master privilege. After you assign the master role to AD and LDAP users, they can also perform cluster configuration and management using the GUI, Access CLISH, Appliance CLISH and Restful APIs.

When you add a new user role, remember that:

  • Any user who has been assigned the master role can assign the master role to an AD/LDAP user and groups for managing the configuration.

  • You can remove the master role for a given AD/LDAP user and groups.

  • AD/LDAP users without a master role can generate S3 keys.

  • AD/LDAP users can login even after a console failover or HA scenarios.

  • Domain is an optional argument with the default value as local.

  • For the local user, only the username is required.

  • You can assign only the master role to the LDAP and AD user.

  • The LDAP username should not be the same as a local username.

  • For AD, enter domain\\username.

  • For LDAP, enter username.

  • Veritas recommends that LDAP, AD, and NIS UIDs start from 10000. Otherwise, when you assign a role to the AD/LDAP user, the UID of the local user may conflict with the UID of a user from the directory server.

  • Nested LDAP group for role assignment is not supported.

The Support account is reserved for Technical Support use only, and it cannot be created by administrators.

To perform user role management using GUI, see See Adding and removing user roles using GUI.

To perform user management using CLISH, see See Performing user management using CLISH.