Learn more about creating and managing local users in VMware Data Services Manager.

Creating a Local DSM User

As a DSM administrator, use the DSM console to add a local DSM user. Any local DSM user that you add can provision a database in VMware Data Services Manager.

Perform the following procedure to create a new local DSM user.

Prerequisites

Before you add a user, ensure that you can identify the user's name, email address, role, and contact number (optional).

You will also be required to assign a password for the user. Ensure that the password that you set meets the password policy rules of VMware Data Services Manager. The password must contain:

  • Minimum 8, maximum 20 characters,
  • At least one uppercase letter, one lowercase letter,
  • At least one number, and
  • At least one special character (?!@#$%^&*).

Procedure

  1. Click Permissions in the left navigation pane.
    This actions displays the Permissions view that you use to create and manage the users.
  2. Click DSM USERS.
    This action displays a table that lists the configured users.
  3. Click CREATE.
    The Create Permission form opens.
  4. Set the user properties.
    Property Name Value
    Role The user's role in the organization. You can select one of the following options:
    • DSM Admin - Super user that is able to watch and help maintain all of the data services created.

    • DSM User - Creates and maintains individual databases for their application or other purpose.

    Email

    The email address of the user. This is the user's login username in the VMware Data Services Manager console.

    Password

    The password for the user. For the password, use minimum 8 and Maximum 20 characters, at least one uppercase letter, one lowercase letter, one number and one special character(?!@#$%^&*). This is the user's login password in the VMware Data Services Manager console.

  5. Click CREATE.

    The new Local user is added to the table.

Results

You can later edit users and change their role assignments, or delete a user.

What to do next

Communicate the VMware Data Services Manager password to the user.

Deleting a Local User

As DSM administrator, you can delete a DSM user. The user that you want to delete must not own any active VMware Data Services Manager objects (databases, backups, and log bundles).

You cannot delete a DSM user if you want to keep the user's databases running. Instead, you must reset the user's VMware Data Services Manager password to prohibit access by the user, and then delegate management of these databases to a different user. See Resetting a Local User's Password.

Prerequisites

Before you delete a user, ensure that you have saved a copy of the backups, databases, and log bundles owned or generated by the user, and then delete these entities.

Procedure

  1. Click Permissions in the left navigation pane.
    This actions displays the Permissions view that you use to create and manage the users.
  2. Click DSM USERS.

    This action displays a table that lists the configured users.

  3. Examine the users listed in the table, select the user to delete, and click DELETE.
  4. If you are certain that you want to delete the user, confirm your action.

    The specified user is deleted from VMware Data Services Manager. Deleting this user would revoke their access to DSM and you will have to create a new user later.

Changing Local User Role

As a DSM administrator, you can update the role assigned to a local user.

Prerequisites

You must be able to identify the name of the user.

Procedure

  1. Click Permissions in the left navigation pane.
    This actions displays the Permissions view that you use to create and manage the users.
  2. Click DSM USERS.
    This action displays a table that lists the configured users.
  3. Examine the users listed in the table, select the user to update, and click EDIT.
    The Edit Permissions dialog displays.
  4. Select a new user role and click SAVE.
    The specified user's role is updated.

Resetting a Local User's Password

Use this task to reset a password of a VMware Data Services Manager local user.

  • The user clicks the Forgot Password button on the VMware Data Services Manager login screen to initiate password reset via email. See Recovering the DSM Local User Password.

  • You reset the password manually using the following procedure.

Prerequisites

Ensure that the password you set for the user meets the password policy rules of VMware Data Services Manager. The password must contain:

  • Minimum 8, maximum 20 characters,
  • At least one uppercase letter, one lowercase letter,
  • At least one number, and
  • At least one special character (?!@#$%^&*).

Procedure

  1. SSH into the provider VM.
  2. Run the following command to access the database:
    psql vmware postgres
  3. Run the following on the psql command prompt.
    Replace <DESIRED_PASSWORD> and <DESIRED_LOCAL_USER_EMAIL> with actual values.
    update vmware.user set failed_login_count=null, last_failed_login_time=null, locked_state_start_time=null, force_password_change = false, password = pgp_sym_encrypt('<DESIRED_PASSWORD>', ((select ek.key from vmware.encryption_key ek where ek.type='PGCRYPTO_PASSWORD')), ((select ek.key from vmware.encryption_key ek where ek.type='PGCRYPTO_ALGORITHM'))) where email='<DESIRED_LOCAL_USER_EMAIL>';
    
  4. Confirm the new password by using the following.
    select pgp_sym_decrypt(password, ((select ek.key from vmware.encryption_key ek where ek.type='PGCRYPTO_PASSWORD')), ((select ek.key from vmware.encryption_key ek where ek.type='PGCRYPTO_ALGORITHM'))) from vmware.user where email ='<DESIRED_LOCAL_USER_EMAIL>'; 
    

What to do next

Communicate the new password to the user.