You can add users to the CTERA Edge Filer by connecting to Active Directory, or add local users.
- When connecting to Active Directory, you can add users from a domain or from an Active Directory tree or forest. See Defining Users From an Active Directory Domain, Tree or Forest.
- When adding local users to the CTERA Edge Filer, see Adding and Editing Local Users.
The Active Directory domain controller must be read/write and not read-only.
Defining Users From an Active Directory Domain, Tree or Forest
When an Active Directory structure includes domains such that the CTERA Edge Filer is joined to one domain, which is set up to trust a second domain, you set up ID mapping for the second domain on the edge filer. The edge filer can list users and groups, and users can access the resources on the edge filer based on their permissions.
When the trust between domains is one way, for example, domain A is set up to trust domain B, but domain B is not set up to trust domain A, you can set up ID mapping for domain B on the edge filer connected to domain A, and users and groups from domain B can access the edge filer. But, if you connect the edge filer to domain B, users and groups from domain A will not be able to access the edge filer.
The ID mapping range 1 to 199999 is reserved and must not be manually overwritten.
To define users from an Active Directory domain if Active Directory wasn't set up in the initial setup:
- In the Configuration view, select Shares > Windows File Sharing in the navigation pane.
The Windows File Sharing page is displayed.
- Click Connect to Domain/Workgroup.
The Connect to Domain/Workgroup page is displayed.
- Choose Domain.
- Type the domain name, username for the domain administrator and the password for that administrator.
- Specify whether to use TLS to support LDAPS.
- Optionally, in the Organizational Unit field, type the name of the organizational unit within the Active Directory domain.
The format is a path and can contain the following:
CN=Fully qualified domain name, such as gatewayName.portalName.portalSuffix
L=Locality Name, for example, London
ST=State or Province Name, for example, London
O=Organization Name, for example, CTERA Networks
OU=Organizational Unit Name, for example, Sales
C=Country Name, for example, GB
STREET=Street Address
DC=Domain Component, for example com
UID=Userid
- If you made any changes, click Save, otherwise click Revert to revert to the last saved configuration.
To define CTERA Edge Filer users from an Active Directory tree or forest:
- After the Active Directory domain is set up, in the Windows File Sharing page, in the Domain/Workgroup area, click Advanced Mappings.
The UID/GID Mappings page is displayed.
- Use either the default range mapping, Filer assigns UNIX attributes (RID), or Active Directory Unix attributes, Use Active Directory Unix Attributes (RFC2307). When using RFC2307, Active Directory stores the user credentials, and RFC2307 stores UIDs and GIDs.
Note: RFC2307 enables:
- Management of user accounts and passwords on Windows and UNIX systems through Server for Network Information Service (NIS)
- Automatic synchronization of passwords between Windows and UNIX operating systems
- Click Mapping Range and for each domain in the tree/forest displayed in the list of domains, specify the UID/GID range allocated on CTERA for users and groups from Active Directory.
The UID/GID range is defined by the UID/GID Start value and the UID/GID End value. This is set for each domain that is trusted in the Active Directory environment. The UID/GID range has a default minimum value of 200,000 in order to reserve a range for local accounts and system accounts to run on the system and should not be changed.
Note: The ID mapping range 1 to 199999 is reserved and must not be manually overwritten.
- Select the domain from the drop-down list.
- Click the icon to edit the UID/GID End value. Type the ending number in the range of CTERA Edge Filer user and group IDs (UID/GID) that should be assigned to users and user groups from this domain. The end number is calculated as follows:
The RID, Relative ID, value, added to the UID/GID Start number.
The SID is the identity of a user in Active Directory. SIDs are represented in the following way: S-1-5-21-1180699209-877415012-3182924384-4850000, where the last part of the SID is the RID value, 4850000 in this SID example.
For example, if the RID is 4850000 and UID/GID Start is 200000, UID/GID End is 4850000 + 200000 = 5050000.
Leave the UID/GID Start field with the default value.
- Click the icon to save the change.
Note: The order in which domains appear in the table represents the order in which the domains will appear in drop-down lists throughout the CTERA Edge Filer user interface, for example, when managing access rights to projects.
- To add a domain, click Create.
- To remove a domain, in the domain row, click the icon.
The domain is no longer displayed in the table.
- If you made any changes, click Save, otherwise click Revert to revert to the last saved configuration.
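The UID/GID End calculation described above, as an added example that is not CTERA code: it splits each SID into its domain part and RID, takes the highest RID and adds the UID/GID Start value. Apart from the page's example SID, the sample SIDs are constructed, and the coverage check assumes an account's ID is UID/GID Start plus its RID, following the page's formula.

```python
import re

RESERVED_MAX = 199999    # page: IDs 1 to 199999 are reserved
DEFAULT_START = 200000   # page: default UID/GID Start

SID_RE = re.compile(r"^S-1-5-21-(\d+)-(\d+)-(\d+)-(\d+)$")

# Constructed sample; the last entry is the example SID from the page.
SAMPLE_SIDS = [
    "S-1-5-21-1180699209-877415012-3182924384-500",
    "S-1-5-21-1180699209-877415012-3182924384-1104",
    "S-1-5-21-1180699209-877415012-3182924384-4850000",
]

def split_sid(sid):
    """Return (domain_sid, rid) for a domain account SID."""
    m = SID_RE.match(sid.strip())
    if not m:
        raise ValueError(f"not a domain account SID: {sid!r}")
    a, b, c, rid = m.groups()
    return f"S-1-5-21-{a}-{b}-{c}", int(rid)

def uid_gid_end(sids, start=DEFAULT_START):
    """UID/GID End that covers every SID: highest RID + start."""
    if start <= RESERVED_MAX:
        raise ValueError("UID/GID Start falls in the reserved range")
    by_domain = {}
    for sid in sids:
        domain, rid = split_sid(sid)
        by_domain.setdefault(domain, []).append(rid)
    if len(by_domain) != 1:
        # The range is configured per domain, so do not mix domains.
        raise ValueError("expected SIDs from exactly one domain")
    (domain, rids), = by_domain.items()
    return domain, max(rids) + start

def uncovered(sids, end, start=DEFAULT_START):
    """SIDs whose start + RID lies above a configured UID/GID End."""
    return [s for s in sids if split_sid(s)[1] + start > end]

if __name__ == "__main__":
    domain, end = uid_gid_end(SAMPLE_SIDS)
    print(domain, "UID/GID End =", end)
    print("Not covered by End=1000000:", uncovered(SAMPLE_SIDS, 1000000))
```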
Adding and Editing Local Users
You specify the local users who have access to the CTERA Edge Filer.
To add or edit a user:
- In the Configuration view, select Users > Users in the navigation pane.
The Users page is displayed.
Note: A Migration Tool Service Admin Account administrator is automatically added: migration-service-n, where n is a unique identifier. You must not delete this administrator.
- To add a user, click New.
Or,
To edit a user, click the user name.
- Specify the new user details.
Username – A name for the user. Username must be between one and 32 characters long. It must start with an alphabetic character and end with an alphanumeric character or $. It may contain alphanumeric characters, _, and -
Password – A password for the user. The password must be at least eight characters and must include at least one letter, one digit and one special character, such as ~, @, #, $, %, ^, &, (. The password cannot contain the Username as part or all of the password.
Retype password – The same password you entered in the Password field.
Full Name (Optional) – The full name of the user. Full Name must be between one and 256 characters long. It must start with an alphabetic character and end with an alphanumeric character or $. It may contain alphanumeric characters, _, and -
Email Address (Optional) – The email address of the user.
Numeric UID (Optional) – A numeric user ID (UID) to assign the user.
Or,
To edit a user, change the value of any of the fields. To change the password, enable Change Password to display the Password and Retype Password fields.
- Click Save.
The user is displayed.
Adding Users to User Groups
Users are added to user groups during user group configuration. See Managing User Groups.