users command

Use this command to access all user accounts and their authority levels.

The users command is also used to create new user accounts and modify existing accounts. Running the users command with no options displays a list of users and some basic user information. The following table shows the arguments for the options.

Table 1. users command.
The following table is a multi-row three column table consisting of the options, option descriptions, and associated values for the options.
Option	Description	Values
-user_index	User account index number	1 through 12, inclusive, or all for all users.
-n	User account name	Unique string containing only numbers, letters, periods, and underscores. Minimum of 4 characters and maximum of 16 characters.
-p	User account password	String that contains at least one alphabetic and one non-alphabetic character. Minimum of 6 characters and maximum of 20 characters. Null creates an account without a password that the user must set during their first login.
-a	Authority level	The authority level can be one of the following levels: super (supervisor) ro (read only) Any combination of the following values, separated by \|: am (user account management access) rca (remote console access) rcvma (remote console and virtual media access) pr (remote server power/restart access) cel (ability to clear event logs) bc (adapter configuration [basic]) nsc (adapter configuration [network and security]) ac (adapter configuration [advanced])
-ep	Encryption password (for backup/restore)	Valid password
-clear	Erase specified user account If you are authorized, you can remove your own account or the account of other users, even if they are currently logged in, unless it is the only account remaining with User Account Management privileges. Sessions that are already in progress when user accounts are deleted will not be automatically terminated.	User account index number to erase must be specified, following the form: users -clear -user_index
-curr	Display users currently logged in
-sauth	SNMPv3 authentication protocol	HMAC-SHA, none
-spriv	SNMPv3 privacy protocol	CBC-DES, AES, none
-spw	SNMPv3 privacy password	Valid password
-sepw	SNMPv3 privacy password (encrypted)	Valid password
-sacc	SNMPv3 access type	get, set
-strap	SNMPv3 trap host name	Valid host name
-pk	Display SSH public key for user	User account index number. Note Each SSH key assigned to the user is displayed, along with an identifying key index number. When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk. All keys are in OpenSSH format. For Flex nodes, the users commands are limited to only local IPMI and SNMP accounts. The option -pk is not supported for Flex Systems.
-e	Display entire SSH key in OpenSSH format (SSH public key option)	This option takes no arguments and must be used exclusive of all other users -pk options. Note When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -e.
-remove	Remove SSH public key from user (SSH public key option)	Public key index number to remove must be given as a specific -key_index or -all for all keys assigned to the user. Note When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -remove -1. For Flex nodes, the users commands are limited to only local IPMI and SNMP accounts. The option -remove is not supported for Flex Systems.
-add	Add SSH public key for user (SSH public key option)	Quote-delimited key in OpenSSH format Note The -add option is used exclusive of all other users -pk command options. When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -add "AAAAB3NzC1yc2EAAAABIwAAA QEAvfnTUzRF7pdBuaBy4dO/aIFasa/Gtc+o/wlZnuC4aD HMA1UmnMyLOCiIaNOy4OOICEKCqjKEhrYymtAoVtfKApv Y39GpnSGRC/qcLGWLM4cmirKL5kxHNOqIcwbT1NPceoKH j46X7E+mqlfWnAhhjDpcVFjagM3Ek2y7w/tBGrwGgN7DP HJU1tzcJy68mEAnIrzjUoR98Q3/B9cJD77ydGKe8rPdI2 hIEpXR5dNUiupA1Yd8PSSMgdukASKEd3eRRZTBl3SAtMu cUsTkYjlXcqex1OQz4+N50R6MbNcwlsx+mTEAvvcpJhug a70UNPGhLJMl6k7jeJiQ8Xd2p XbOZQ==" For Flex nodes, the users commands are limited to only local IPMI and SNMP accounts. The option -add is not supported for Flex Systems.
-upld	Upload an SSH public key (SSH public key option)	Requires the -i and -l options to specify key location. Note The -upld option is used exclusive of all other users -pk command options (except for -i and -l). To replace a key with a new key, you must specify a -key_index. To add a key to the end of the list of current keys, do not specify a key index. When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -upld -i tftp://9.72.216.40/ -l file.key. For Flex nodes, the users commands are limited to only local IPMI and SNMP accounts. The option -upld is not supported for Flex Systems.
-dnld	Download the specified SSH public key (SSH public key option)	Requires a -key_index to specify the key to download and the -i and -l options to specify the download location on another computer running a TFTP server. Note The -dnld option is used exclusive of all other users -pk command options (except for -i, -l, and -key_index). When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -dnld -1 -i tftp://9.72.216.40/ -l file.key.
-i	IP address of TFTP/SFTP server for uploading or downloading a key file (SSH public key option)	Valid IP address Note The -i option is required by the users -pk -upld and users -pk -dnld command options.
-pn	Port number of TFTP/SFTP server (SSH public key option)	Valid port number (default 69/22) Note An optional parameter for the users -pk -upld and users -pk -dnld command options.
-u	User name for SFTP server (SSH public key option)	Valid user name Note An optional parameter for the users -pk -upld and users -pk -dnld command options.
-pw	Password for SFTP server (SSH public key option)	Valid password Note An optional parameter for the users -pk -upld and users -pk -dnld command options.
-l	File name for uploading or downloading a key file via TFTP or SFTP (SSH public key option)	Valid file name Note The -l option is required by the users -pk -upld and users -pk -dnld command options.
-af	Accept connections from host (SSH public key option)	A comma-separated list of hostnames and IP addresses, limited to 511 characters. Valid characters include: alphanumeric, comma, asterisk, question mark, exclamation point, period, hyphen, colon and percent sign.
-cm	Comment (SSH public key option)	Quote-delimited string of up to 255 characters. Note When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -cm "This is my comment.".

Syntax:

users [-options] - display/configure user accounts
options:
   -[1-12]  - user account number
   -l       - display password expiration days
   -n       - username (limited to 16 characters)
   -p       - password (limited to 32 characters)
   -shp     - set hashpassword (total 64 characters)
   -ssalt   - set salt (limited to 64 characters)
   -ghp     - get hashpassword
   -gsalt   - get salt
   -ep      - encrypted password (used with backup/restore )

   -a       - authority level (super, ro, custom:am|rca|rcvma|pr|cel|bc|nsc|ac)
       -am    - User account management access
       -rca   - Remote console access
       -rcvma - Remote console and remote disk (virtual media) access
       -pr    - Remote server power/restart access
       -cel   - Ability to clear event logs
       -bc    - Adapter Configuration (basic)
       -nsc   - Adapter Configuration (network and security)
       -ac    - Adapter Configuration (advanced)

   -clear   - clear user account
   -curr    - display current users
   -sauth   (none|HMAC-SHA)           - snmpv3 authentication protocol
   -spriv   (none|CBC-DES|AES)        - snmpv3 privacy protocol
   -spw     password                  - snmpv3 privacy password
   -sepw    encryptedpassword         - snmpv3 privacy password (encrypted)
   -sacc    (Get)                 - snmpv3 Access type
   -strap   hostname                  - snmpv3 trap hostname

   -pk      - SSH public keys options:
       -e       - Displays the entire key in OpenSSH format
       -remove  - Removes the specified key for the specified user
       -add     - Adds a public key for the specified user
       -upld    - Used to upload a public key in OpenSSH/RFC4716 format
       -dnld    - Used to download the specified public key to a TFTP/SFTP server
       -i       - IP address of the TFTP/SFTP
       -pn      - port number of tftp/sftp server (default 69/22)
       -u       - username for sftp server
       -pw      - password for sftp server
       -l       - Filename of the key file when uploading or downloading via TFTP/SFTP
       -af      - accept connections from host, in the format: from="<list>", where
                  <list> is a comma-separated list of hostnames and IP addresses
                  (limited to 511 characters)
       -cm      - comment (limited to 255 characters, must be quote-delimited)

Note

-a custom permission flags can be used in any combinations.

Example:

system> users
 Account      Login ID      Advanced Attribute              Role            Password Expires
 -------      --------      ------------------            ------            ----------------
    1           USERID                  Native                Administrator                   89 day(s)
system> users -2 -n sptest -p Passw0rd12 -a super
The user is required to change the password when the user logs in to the management server for the first time
ok
system> users
 Account      Login ID      Advanced Attribute            Role              Password Expires
 -------      --------      ------------------           ------            ----------------
    1           USERID                  Native           Administrator                   90 day(s)
2           sptest                  Native                Administrator            Password expired
system> hashpw –sw enabled –re enabled
system> users -5 –n guest5 –shp 292bcbc41bb078cf5bd258db60b63a4b337c8c954409442cfad7148bc6428fee –ssalt abc –a super
system> users -5 ghp
292bcbc41bb078cf5bd258db60b63a4b337c8c954409442cfad7148bc6428fee 
system> users -5 gsalt
abc
system> users -2 -n sptest -p Passw0rd12 -a custom:am|rca
The user is required to change the password when the user logs in to the management server for the first time
ok

Give documentation feedback