Although the Orchestration Server has some pre-assembled jobs, such as the cpuInfo discovery job that you learned about earlier, most jobs must be developed by a job developer, then be run and managed by a user (also called a job manager). Without an authorized individual who can log in to the Orchestration Server system to manage the use of a job, the product does not realize its potential.
This section of the walkthrough introduces the basics of creating a user account:
Now that the Orchestration Server has run discovery jobs and you have deployed a sample job, you can begin to create user accounts. To do so, open the Orchestration Console and click
in the toolbar to open the Users Monitor in the Workspace panel of the Orchestration Console.Figure 2-2 Users Monitor of the Orchestration Server Console
In this monitor, you can see the users that are connected to the server and what they are doing in the grid.
If a user logs in but has not been registered (that is, no account is created for that user), the authentication to the server is retried every 90 seconds. If this is the case, the User Registration icon has a “flag up” status, meaning that a user is waiting to register. If the icon has a “flag down” status, either no user accounts have been created or all active users are logged in, so none are waiting to register.
You can use the Orchestration Console to register a user automatically (see Section 2.3.2, Automatically Registering a User) or to register a user manually (see Section 2.3.3, Manually Registering a User). You can also select which users can log in to create accounts (see Selecting a Resource for Manual Registration
in the NetIQ Cloud Manager 2.1.5 Orchestration Installation Guide).
The Users Monitor has many features to help you manage users when they are registered, including the jobs and joblets assigned to individual users. For more detailed information about the Users Monitor, see the NetIQ Cloud Manager 2.1.5 Orchestration Console Reference.
If your network environment does not require a high level of security (such as in a development and testing environment) and you want a quick way to create a user account without a password, you can do so at the Orchestration Console.
In the Explorer tree of the Orchestration Console, select the grid object representing the Orchestration Server to open the
page of the grid object, then select the tab to open the Authentication page.In the
section of the page, select the check box, then click the Save icon.Use the zos command line interface to log in to the server.
From a system terminal, enter the following command:
zos login -u user_ID
If you are attempting to log in to a machine other than the local host, you can alter the command to the following:
zos login Orchestration_Server_name -u user_ID
When prompted for the user password, press Enter.
(Conditional) If you are prompted for a decision regarding whether you want to accept the server certificate, enter yes.
NOTE:You can assign a password for the user at a later time in the
page of the User Object.When a user logs out, the User object icon is dimmed in the Explorer tree or in the admin view of each User group to which it belongs.
If you want a higher level of security for authorized users, you can manually create a user account in the Orchestration Console before the user logs in. When a user is created in the Orchestration Server Console, that user is ready to run jobs.
To create a new user in the Orchestration Console Explorer tree:
In the Explorer tree of the Orchestration Console, right-click
> click to display the Create a New User dialog box.Specify the name of the new user you want to create in the
field, then click .The user account is created, but is not currently running jobs, as indicated by its object icon in the Explorer tree or in the admin view of each User group to which it belongs.
To create a new user through the
menu:In the Orchestration Console, click
> to display an expanded version of the Create a New User dialog box.This dialog box includes a method for designating the user as a member of the
user group. In this walkthrough, we will create the user as a member of the group, which does not place the user in the administrators group.Specify the new username in the
field, click , then click .Define the user password.
In the Explorer tree of the Orchestration Console, select the new User in the Users object
group to open its Info/Groups page.In the Info/Groups page, select the collapse/expand icon in the Personal Information section to open the fields of that section.
In the
field, change the default password, then click the Save icon to display the Password Confirmation dialog box.In the
field, enter the password you defined previously, click , then click the Save icon to save the password.When a user logs out, the User object icon is dimmed in the Explorer tree or in the admin view of each User group to which it belongs.
If you do not select the
check box on the grid object’s page, you have the option of explicitly accepting or denying the login attempts of a user, thus preventing that user from creating an account.Make sure that the Step 2 in Automatically Registering a Resource
in the NetIQ Cloud Manager 2.1.5 Orchestration Installation Guide) and that you have created a new user.
Use the zos command line interface to log in to the server.
From a system terminal or from an Orchestration Server login in Windows, enter the following command:
zos login --user=user
If you are attempting to log in to a machine other than the local host, you can alter the command to the following:
zos login Orchestration_Server_name --user=user
Enter the password for the user credentials. For this walkthrough, you can simply press
to enter an empty password.When prompted for a decision regarding whether you want to accept the server certificate, enter yes.
An eror message is generated:
ERROR: login failed: user name or password ‘incorrect’
In the Users Monitor, click the User Registration icon to open the User Registration Monitor dialog box.
This dialog box lets you preview the users who are trying to log in to the server. The top row of radio buttons is a mass selector for all listed users, allowing you the choice to accept, deny, or ignore automatic registration for all listed agents.
If you want to choose the users that can be allowed to auto register, you can identify the user by name and select how you want to handle that agent’s request for registration the next time it tries to log in.
For this example, select the
radio button adjacent to the user you want to register, then click .The user account is created, but is not currently running jobs, as indicated by its object icon in the Explorer panel, or in the Information view of each User group to which it belongs.
There are some configuration steps you need to follow in the Orchestration Console if you want to immediately configure the authentication of both users and resources to the Orchestration Server using a directory service like ADS or LDAP. For more information, see Orchestration Server Authentication Page
in the NetIQ Cloud Manager 2.1.5 Orchestration Console Reference.