Help Center> Cloud Bastion Host> Getting Started> Step 2: Create a CBH System User
View PDF

Step 2: Create a CBH System User

Background

Before using the CBH system, administrators need to create system users in the CBH system and assign different system roles to them based on their duties.

System users then can access the modules within the permissions.

Only the admin user has the permissions to manage system roles.

Procedure

Table 1 Different user creation methods

Creation Method

Description

Creating a single user

Create system users one by one. This method is applicable to create a single administrator.

Importing users in batches by Excel file

Configure user information based on the Excel template and import the Excel file to the CBH system.

This feature enables you to add system users, or O&M users, in batches.

Synchronizing AD domain users

Synchronize users from the AD domain server.

After the synchronization is successful, use the AD domain user accounts and passwords to log in to the CBH system. The AD domain server also provides the authentication service.

Configuration Description

Table 2 User information description

Parameter

Description

LoginName

Specifies the username for system users to log in to the CBH system.

The LoginName must be unique in the CBH system and cannot be changed after it is created.

Verification Type

Specifies the identity authentication methods for logging in to the CBH system.

  • Local: Use the account management system of the CBH system to authenticate users.
  • RADIUS: Use the third-party authentication server for identity authentication through the RADIUS protocol.
  • LDAP: Use the third-party authentication server to authenticate users through the LDAP protocol.
  • AD: Use the Windows AD domain server to authenticate users.

Password/Confirm Password

Specifies the password for the user to log in to the CBH system. The password can be configured or randomly generated by the CBH system.

UserName

Specifies the name which is used to differentiate CBH users.

Mobile

Specifies the phone number of the user. This phone number is used by the user to receive SMS messages for identity authentication or get the password back.

Email

Specifies the email address of the user. This email address can be used to receive system notifications.

Role

Specifies the role to be assigned to the user. Only one role can be selected for each user.

By default, system roles include the system administrator, policy administrator, audit administrator, and O&M administrator. The admin user can customize roles or edit the permissions of default roles.

  • System administrator: responsible for managing the CBH system. Except the User and Role modules, the system administrator role has the configuration rights of all other modules.
  • PolicyManager: responsible for configuring policy permissions. This role has the configuration permissions for the User Group, Account Group, and ACL Rules modules.
  • AuditManager: responsible for auditing system and maintenance data. This role has the configuration permission for Live session, History Session, and System Log modules.
  • User: common system users and resource operators. This role has the permissions for the Host Ops, Application Ops, and Ticket approval modules.

Department

Specifies the department to which the user belongs.

Remarks

Provides supplementary information about the user. This parameter is optional.