Using Role Based Access Control › Managing Users

Managing Users

A local user is created using the user create command. When you create a local user, it is assigned a unique ID and an entry for that user is created in the local directory service. The new user is not automatically granted any access level rights on any object. Typically, after creating a user, that user is added as a member to one or more local groups. The user then obtains the access level rights of these groups.

Note: Every user is a member of the implicit local group "all". If this group is assigned grid_administrator access level rights on the grid ACL, then every user obtains these rights.

Local user names may include any UTF-8 character with the following exceptions:

• User names may not contain the forward slash character "/"
• User names may not contain ASCII control characters
• User names may not only contain the space or period characters

To create a user

1. Use the user create command (for example, user create user1@domain.com pwd=-)
2. Use the "grid modify_acl" command in the Command Line Shell to add the grid user to the grid_administrator group (for example, grid modify_acl local:user:user1=grid_administrator). For more information, see modify_acl (Grid Control)--Replace Portion Grid ACL in the Command Line Shell Reference Guide.