Configuring Security Policies |
On the navigation bar, choose > Account > Security Policy. |
Background
System security policies include password policies and login policies. Perform this operation when you want to improve system security.
Precautions
- For security purposes, you are advised to enable Password validity period (days), Minimum password validity period (minutes), and Password lock.
- The value of Password Advance Warning Threshold must be less than or equal to the value of Password Validity Period. If the former value is greater than the latter value, the password warning threshold automatically changes to the current password validity period.
- The minimum password validity period must be shorter than or equal to the password validity period. Otherwise, the system displays an error message.
|
- Session Timeout (minutes)
The session timeout period refers to the period during which a user's session with the eBackup backup management system is disconnected due to timeout.
After a user logs in to the eBackup system, if the user does not perform any operation within the session timeout period, the current session is disconnected due to timeout. When you perform operations on the eBackup system again, you need to log in to the system again.
- Errors
Maximum number of allowed consecutive incorrect password attempts. When the number of incorrect password attempts reaches the value of this parameter, the system automatically locks the account.
NOTE:
This parameter is available only when Password Lock is enabled.
After an account is locked, the super administrator can manually unlock the account. Alternatively, the system automatically unlocks the account after the preset automatic unlocking time.
|
Viewing user details |
On the navigation bar, choose > Account > User. |
Background
Perform this operation when you want to view the basic information, role, and lock status of a user.
Precautions
After logging in to the system, the super administrator can view information about all users. Administrators and common users can view only their own user information after logging in to the system. |
- Type
Type of a user. The options are as follows:
- Local Users
A local user is a man-machine interaction account (local authentication) and is used to log in to the eBackup system to manage backup and restore services.
- LDAP user
An LDAP user is a man-machine interaction account (LDAP authentication). It is used to log in to the eBackup system to manage backup and recovery services.
- Interface interconnection user
The interface interconnection user is a machine-machine interaction account and is used to interconnect the eBackup management system with other systems.
eBackup provides a preset interface interconnection user. The default user name is NBIUser, and the default password is Huawei@CLOUD8!.
- CCR-Node roles
User role. For details about role types and their rights, see.
NOTE:
Administrators and common users can only search for themselves in the search box in the upper right corner.
|
Creating a user |
On the navigation bar, choose > Account > User and click Create. |
Background
Perform this operation when you want to create users with the administrator and common user roles to restrict different users' operations on the system and improve system security.
Precautions
The super administrator has the highest rights in the system. Log in to the system as the super administrator. |
- Type
For details about how to create a user type, see "Viewing User Information" in Related Operations.
Users of the Interface interconnection user type have the administrator rights.
- Role
Role of the new user. For details about role types and their rights, see.
Create users based on the operation rights of users with different roles defined in the system to restrict user operations on the system, ensuring service system stability and service data security.
- Password
Login password of the new user.
The default password complexity requirements are as follows:
- Maximum number of user connections
Indicates the maximum number of sessions for a single user. If this parameter is not set, there is no restriction.
|
Modification of user details |
On the navigation bar, choose > Account > User. Move the mouse pointer to the user to be modified and click in the button area on the right. |
Background
Perform this operation when you want to modify user information, for example, reset the passwords of administrators and common users and change user roles.
Precautions
- Only the information about users except the super administrator can be modified.
- After resetting the password when modifying user information, notify the corresponding user to use the new password to log in to the eBackup system.
NOTE:
If an interface interconnection user has been used to configure the eBackup driver, you need to reconfigure the eBackup driver once the password of the interface interconnection user is changed.
|
None |
Delete the user. |
On the navigation bar, choose > Account > User. Move the mouse pointer to the user to be deleted and click in the button area on the right. |
Background
The super administrator can delete an administrator or common user account that is no longer needed.
Precautions
Only the super administrator can delete a user. The super administrator cannot delete itself. |
None |
Forcing a subscriber to go offline |
On the navigation bar, choose > Account > User. Move the mouse pointer to the user to be forced offline and click in the button area on the right. |
Background
The super administrator can force an administrator or a common user to log out of the system.
Precautions
Only the super administrator can force a user to go offline. The super administrator cannot force itself to go offline. |
None |
Locking a user |
On the navigation bar, choose > Account > User. Move the mouse pointer to the user to be locked and click in the button area on the right. |
Background
Perform this operation when you want to lock a user with the administrator or common user role.
Precautions
- Only the super administrator can lock a user. The super administrator cannot lock itself.
- A locked user cannot log in to the eBackup system.
- The super administrator can lock a user in either of the following ways:
- Automatic lock: You can set Password lockout and Number of incorrect password attempts in the password policy to automatically lock a user whose number of consecutive incorrect password attempts exceeds the upper limit. For details, see "Configuring Security Policies" in Related Operations.
- Manual locking: A user is manually locked. The locked user can log in to the system only after being manually unlocked by the super administrator.
|
None |
Unlocking a User |
On the navigation bar, choose > Account > User. Move the mouse pointer to the user to be unlocked and click in the button area on the right. |
Background
Perform this operation when you want to unlock a user with the administrator or common user role.
Precautions
Manually unlock a locked user in the system. You can unlock the account in either of the following ways:
- Automatic unlocking: If Password Lock is set in the password policy, the system automatically unlocks the user when the locking duration expires.
- Manual unlocking: The super administrator can manually unlock a user that is automatically or manually locked.
|
None |