Creating a cluster administrator account

You can create new cluster administrator accounts with permissions to allow or restrict access to specific areas of the storage system. When you set cluster administrator account permissions, the system grants read-only rights for any permissions you do not assign to the cluster administrator.

Before you begin

If you want to create an LDAP cluster administrator account, ensure that LDAP is configured on the cluster before you begin.

About this task

You can later change cluster administrator account privileges for reporting, nodes, drives, volumes, accounts, and cluster-level access. When you enable a permission, the system assigns write access for that level. The system grants the administrator user read-only access for the levels that you do not select.

You can also later remove any cluster administrator user account created by a system administrator. You cannot remove the primary cluster administrator account that was created when the cluster was created.

Steps

  1. To create a cluster-wide (non-LDAP) cluster administrator account, perform the following actions:
    1. Click Users > Cluster Admins.
    2. Click Create Cluster Admin.
    3. Select the Cluster user type.
    4. Enter a user name and password for the account and confirm password.
    5. Select user permissions to apply to the account.
    6. Select the check box to agree to the End User License Agreement.
    7. Click Create Cluster Admin.
  2. To create a cluster administrator account in the LDAP directory, perform the following actions:
    1. Click Cluster > LDAP.
    2. Ensure that LDAP Authentication is enabled.
    3. Click Test User Authentication and copy the distinguished name that appears for the user or one of the groups of which the user is a member so that you can paste it later.
    4. Click Users > Cluster Admins.
    5. Click Create Cluster Admin.
    6. Select the LDAP user type.
    7. In the Distinguished Name field, follow the example in the text box to enter a full distinguished name for the user or group. Alternatively, paste it from the distinguished name you copied earlier.

      If the distinguished name is part of a group, then any user that is a member of that group on the LDAP server will have permissions of this admin account.

    8. Select user permissions to apply to the account.
    9. Select the check box to agree to the End User License Agreement.
    10. Click Create Cluster Admin.