You can create repository users from information contained in an input file.
Before you create the users, determine what type of authentication the repository uses. If the server authenticates users against the operating system, each user must have an account on the server host.
If the server uses an LDAP directory server for user authentication, the users do not need to have operating system accounts.
If you specify the properties user_group (the user’s default group) and acl_name (the user’s default permission set), any groups and permission sets must already exist before you import the users.
In 5.3 repositories, if you are creating a user who is authenticated using a password stored in the repository, the password cannot be assigned in the input file. You must assign the password manually. After the user is created, use the instructions in Modifying users to assign the user’s password.
Each user to be imported starts with the header object_type:dm_user. Follow the header with a list of property_name:property_value pairs. The properties user_name and user_os_name are required. In addition, the following default values are assigned when the LDIF file is imported:
Table 23.2. Default values for new users
Argument | Default |
|---|---|
user_login_name | username |
privileges | 0 (None) |
folder | /username |
group | docu |
client_capability | 1 |
Each property_name:property_value pair must be on a new line. For example:
object_type:dm_user user_name:Pat Smith user_group:accounting acl_domain:smith acl_name:Global User Default ACL object_type:dm_user user_name:John Brown
If the ldif file contains umlauts, accent marks, or other extended characters, store the file as a UTF-8 file, or users whose names contain the extended characters are not imported.
The properties you can set through the LDIF file are:
user_name user_os_name user_os_domain user_login_name user_login_domain user_password user_address user_db_name user_group_name user_privileges (set to integer value) default_folder user_db_name description acl_domain acl_name user_source (set to integer value) home_docbase user_state (set to integer value) client_capability (set to integer value) globally_managed (set to T or F) alias_set_id (set to an object ID) workflow_disabled (set to T or F) user_xprivileges (set to integer value) failed_auth_attempt (set to integer value)
You can specify as many of the above properties as you wish, but the property_names must match the actual properties of the type.
The properties may be included in any order after the first line (object_type:dm_user). The Boolean properties are specified using T (for true) or F (for false). Use of “true”, “false”, “1”, or “0” is deprecated.
Any ACLs that you identify by acl_domain and acl_name must exist before you run the file to import the users. Additionally, the ACLs must represent system ACLs. They cannot represent private ACLs.
Any groups that you identify by user_group_name must exist before you run the file to import the users.
Content Server will create the default folder for each user if it does not already exist.
To import new users:
On the file system of the host where your browser is running, create a text file in LDIF format.
Save the text file.
Connect to the repository where you want to create new users.
Click Administration.
Click User Management.
Click File>Import>LDIF.
Indicate the state for the users you are importing.
Active
The user is a currently active repository user. Active users are able to connect to the repository.
Inactive
The user is not currently active in the repository. Inactive users are unable to connect to the repository. A user may be made inactive because of multiple authentication failures or through resetting the state manually. Repositories of version 5.3 and later may be configured so that a user is automatically activated after being inactivated. Refer to the chapter on users in the Content Server Administration Guide for information on how to configure this.
Locked
The user is unable to connect to the repository. A sysadmin or superuser must set a user to this state manually and must manually take a user out of this state.
Locked and inactive
The user is inactive and unable to connect to the repository. A sysadmin or superuser must set a user to this state.
Click Select Source and browse to the location of the LDIF file containing information for creating the new users.
Select a User Source from the list.
In the other fields, specify any property values that apply to all the users you are importing. Values specified in the input file override values specified on this page.
Indicate whether to overwrite or ignore user information for any users who already exist.
Click Finish.