Users & User Groups¶
Users¶
Overview¶
The Users page displays a list of all Users. The following fields are surfaced for each User:
Tenant
Display Name
Username
Email
Role
Users which are grayed out in the list are currently inactive and cannot log in. From the Actions menu in each User row, the option is given to Impersonate the User, Edit, or Remove the User.
In Morpheus 4.2.1 and higher, click on the hyperlinked Display Name of the User to see a page detailing their effective Role permissions. This is especially useful for Users in multiple Roles where it might otherwise be difficult to determine their exact rights. This page looks identical to a User Role create/edit page except none of the fields are editable. Edit the User Role permissions for the User if changes need to be made.
Note
Some User data created through an Identity Source integration (such as Active Directory) is not editable in Morpheus, as it is synced from the Identity Source.
Create User¶
Users can be created from Administration > Users or Administration > Tenants > (selected Tenant) > Users tab`.
Note
Authorized Identity Source Users will be automatically created upon first sign in.
To create a User:
Navigate to either Administration > Users or Administration > Tenants > Select a Tenant``.
Select + CREATE USER.
From the New User Wizard input:
- Username & Email
First Name
Last Name
Username
Email address
- Receive Notifications
Enable to receive Provisioning and Policy email notifications.
- Roles
Role(s) to be inherited by the user. If multiple roles are selected, the higher permission levels of one role will override the other role(s).
- Password
Password must contain at least one uppercase letter, one lowercase letter, a number, and a symbol.
- Enabled
If unchecked, the user will no longer be able to sign into Morpheus, but their user data will remain.
- Password Expired
If enabled, the User will be forced to create a new password upon next login. The expired password cannot be used again.
- Linux Settings
Creates a User with the supplied Username, Password and/or Key-pair on Linux Instances when “Create my User” is selected during provisioning, or a User Group is added to an Instance of which this Morpheus user is a member of.
- Windows Settings
Creates a User with the supplied Username, Password and/or Key-pair on Windows Instances when “Create my User” is selected during provisioning, or a User Group is added to an Instance of which this Morpheus user is a member of.
Important
Please ensure password entered is allowable by Windows.
Note
Instance Resource Limits for a user are now configured through Policies
Select SAVE CHANGES.
Edit User¶
User settings can be edited from Administration > Users, Administration > Tenants > Select a Tenant > Users tab`, or from User Settings.
Note
Some User data from Users created via an Identity Source Integration such as Active Directory is not editable in Morpheus, as it is synced with the Identity Source.
To edit a User from the Administration > Users Section:
Select the Administration link in the navigation bar.
Select the Users link in the sub navigation bar.
Click ACTIONS on the row of the user to edit.
Select EDIT in the ACTIONS dropdown.
Make changes.
Select SAVE CHANGES.
To edit a User from the Administration > Tenants > Select a Tenant > Users tab`:
Select the Administration link in the navigation bar.
Select the Tenants link in the sub navigation bar.
Select a Tenant
Click ACTIONS on the row of the user to edit.
Select EDIT in the ACTIONS dropdown.
Make changes.
Select SAVE CHANGES.
User Settings¶
Additional settings for a User can be found in the User Settings section, including:
User Photo
Default Group
Default Cloud
API Access
To access User Settings:
Select your name in the header
Select User Settings
To edit the User you are currently logged in as from User Settings:
Select your name in the header
Select User Settings
Make changes.
Select SAVE.
API Access¶
API and CLI Access Tokens can be regenerated from the User Settings section.
To regenerate a CLI or API Access Token:
Select your name in the header
Select User Settings.
Select API ACCESS under the Windows Settings section.
Select ACTIONS for the Client ID the token will be generated for.
Select Regenerate.
Copy the Generated Access Token.
Important
The Access Token will be masked after User Setting are saved.
Select SAVE.
Delete User¶
To delete a User from the Administration > Users Section:
Select the Administration link in the navigation bar.
Select the Users link in the sub navigation bar.
Select ACTIONS on the row of the user to delete.
Select REMOVE in the ACTIONS dropdown.
Confirm
To delete a User from the Administration > Tenants > Select a Tenant > Users tab`:
Select the Administration link in the navigation bar.
Select the Tenants link in the sub navigation bar.
Select a Tenant
Click ACTIONS on the row of the user to delete.
Select REMOVE in the ACTIONS dropdown.
Confirm
User Groups¶
Overview¶
User Groups can be selected during provisioning to add each group members credentials to the Instance. User Groups can be configured for sudo access and in Linux will assign Group members to a groupId in linux.
Creating User Groups¶
Navigate to Administration > Users
Select the USER GROUPS tab.
Select + CREATE USER GROUP.
Enter the following:
- NAME
Name of the User Group
- DESCRIPTION
Optional User Group Description
- SERVER GROUP
Name of the groupId to assign Group members to in linux.
- SUDO ACCESS
Enable to give Group members sudo access
- USERS
Search for and select existing Users to add to the User Group.
Select SAVE CHANGES.
Editing User Groups¶
Navigate to Administration > Users
Select the USER GROUPS tab.
Select the ACTIONS dropdown next to the target User Group.
Select EDIT
Make changes, add or remove users from the group.
Select SAVE CHANGES.
Adding a User Group when Provisioning¶
When provisioning, in the CONFIG section expand the USER section.
Select an existing Group from the USER GROUP dropdown.
Users will be created for members in the selected User Group on the provisioned Instance(s).