Managing vStor User Accounts

vStor implements an advanced permission model that lets you create and manage user accounts with role-based access control. This system defines permissions for both administrators and standard users, allowing controlled access to vStor resources.

User management is available for Admin users from the Users section.

Default User Settings

This section includes allowed authentication methods.

Selecting Allowed Authentication Methods

Checkboxes in the Authentication Methods section indicate what MFA methods are allowed. The Authentication app option is always checked, but the administrator can uncheck the One-time e-mail password checkbox, effectively forcing all users with e-mail MFA authentication to change their authentication methods. Users without MFA configured will not be affected unless the administrator enforces MFA.

Enforcing Multifactor Authentication for All Users

The administrator may enforce multifactor authentication for all users. Enabling this setting requires that the administrator has already configured their multifactor authentication. To enable MFA enforcement, switch the Enforce multifactor authentication for all users toggle to on.

The administrator may also choose to allow or disallow authenticating via one-time e-mail password by unchecking the One-time e-mail password checkbox. Authenticating via an app cannot be disallowed.

Important. From this moment on, all users will be required to use MFA. Users with MFA already configured via an authentication app will not be affected. Users without MFA or with a disallowed authentication method will be required to configure MFA upon their next log-in.

To stop enforcing multifactor authentication, switch the toggle off. You will be prompted to confirm your decision with your vStor password and an MFA verification code.

Note. Disabling MFA enforcement does not remove multifactor authentication from the user accounts with MFA configured. It only removes the obligation to have one.

See also. For more information on configuring MFA, see Using Multifactor Authentication (MFA).

Users

This section lists all user accounts existing in this vStor installation. Administrators may add, disable and remove users. See below for details.

vStor User Roles

vStor distinguishes between two predefined roles, each with specific access levels to resources:

  • Admin: Users with the Admin role have unrestricted access to all resources and capabilities within vStor, including user management and system configuration.

  • Standard: Standard users are granted access only to pools specifically assigned to them.

Impact of Pool Permissions on User Visibility

The pool permissions assigned to a Standard user directly influence their visibility of resources in vStor:

  • Shares: A Standard user will not see these resources if they lack permissions for the associated pool.

  • Partnerships, Replication Relationships, and Schedules:

    • Creation: Standard users can create these configurations for their assigned pools.

    • Editing and Synchronization: Only the creating Standard user can edit their configurations and manually trigger synchronization for their own Replication Relationships.

    • Administrative Actions: Administrators can view all configurations but can only delete them, not edit or manually trigger synchronization.

  • Dashboard: The dashboard for a Standard user will only summarize the pools they can access.

Creating User Accounts

To create a new user account in vStor:

  1. Click Add New in the Users section to launch the Add User dialog.

  1. Assign a Name and a Password for the new user.

  2. Select the type of account for the user:

    • Admin: Grants full access to all resources within vStor.

    • Standard: Limits access to only assigned pools. If you select this option, you need to specify which pools the user can access.

  3. Click Save to save the new user account.

Note. Standard users can only view and manage resources within their assigned pools. Administrators can modify pool permissions for a Standard user at any time.

Changing Pool Permissions for Standard Users

Administrators can modify a Standard user’s pool access in vStor.

To adjust pool permissions for a Standard user:

  1. Select the account, hover over the name, click More Actions (•••), and select Change Permissions.

  1. Add or remove the user’s access to specific pools. Click Save.

Attention! If a user loses permission to access a pool, any relationships and hosts they have created associated with that pool will be automatically deleted.

Disabling User Accounts

User accounts can be temporarily disabled through both the vStor Web Interface and the CLI.

Using vStor Web Interface

  1. Select the account to be disabled, hover over the name, click More Actions (•••), and select Disable Account.

  1. Confirm by clicking the Disable button.

To re-enable a disabled account, follow the same steps and select Enable Account.

Using vStor CLI

To disable a user account via the CLI, execute:

vstor user disable --username <user>

To re-enable a user account:

vstor user enable --username <user>

Changing User Account Password

Changing a user account’s password can be done through the Web Interface or CLI for security purposes.

Using vStor Web Interface

  1. Select the account, hover over the name, click More Actions (•••), and select Change Password.

  1. Enter the new password and click Save.

Important. Changing the Standard user password does not require the administrator to know the user’s previous password.

Using vStor CLI

To change a password via the CLI, use:

vstor user change-password --username <username> --password <password> --new_password <new-password>
PreviousAssigning an E-mail to a vStor AccountNextUsing Multifactor Authentication (MFA)

Last updated