Manage user accounts with scripts
The User Management tool enables you to perform user-related tasks.
With the User Management tool, you can perform the following actions:
- Assign administrator permissions to an existing user*
- Create a new administrator*
- Change or reset an existing user's password*.
Note that when shared spaces are enabled, passwords should be reset from the Operator console. For details, see Shared space management. Users can also change their own passwords from the user drop-down menu in the masthead.
- Unlock a user*.
- Import users from a file
- Disable SAML SSO. This option is displayed only when SAML SSO is enabled.
Switch from time-based (hours license) to concurrent license mode. Note that you need to restart the server for the switch to take effect.
- When using the shared spaces feature: Create a new operator or assign operator permissions to an existing user.
* Note: These options are supported for LDAP only when the username is an email.
Running the User Management tool
You run the User Management tool from the Windows or Linux command line.
To run the User Management tool:
Make sure that you are a root, dl, or Digital Lab admin user.
- For Windows, under the Digital Lab installation, make sure you have admin privileges. Navigate to the server\bin folder and run
For Linux, change directory to your Digital Lab installation's server/bin directory and run
- Select the task you want to perform and press Enter.
When creating passwords, make sure to follow the following guidelines: The password must be 6-20 characters, and include at least one uppercase English character, one lowercase English character, and one digit.
Tip: If a user is locked, first unlock the user and then reset the password. This way the user does not need to wait the default locking time interval of 15 minutes before logging in again.
You can run the User Management tool to import users listed in .txt or .csv file.
To import users:
- Make sure you have an admin execution key for authentication. For details, see Access key management.
Create a text file containing the user information. Each user should be on a new line with the fields separated by semicolons, with the following values:
- Username. The user name, or in database mode (not LDAP/SSO) an email, for example, email@example.com
Password. A password following the guidelines describes above. If the user already exists, their password is not changed. For LDAP/SSO mode, leave this value blank. If you enter a value, it is ignored.
- Workspace (optional). A list of workspace names separated by commas. If empty, the user is assigned to the default workspace.
- Role (optional). One of these values: user , admin, or ws admin. If you do not specify a value, the user gets a non-admin User role.
The following table shows sample user entries.
firstname.lastname@example.org; my_pwd; workspace1; User
Valid: A regular user is assigned to workspace1
tom; my_pwd; workspace1; User
Invalid: Wrong user name
email@example.com; my_pwd; ;
Valid: A regular user is assigned to the default workspace
firstname.lastname@example.org; my_pwd; ;userrole
Invalid. The specified role type is wrong.
Run the script as described above and specify the import option.
- Enter the path to a text file with the user information.
- Indicate whether to overwrite existing user roles and workspaces. The default value is No.
Important note for LDAP: This value must always be set to Yes.
- The script console indicates the number of records that succeeded and failed. Check the log file, userOnboarding.log in the Logs folder for details.
Note: When loading users from a file while in LDAP mode, the results always show zero users added, even if new users are actually added.