Chapter 5. Managing User Accounts and Groups

The System Manager provides a number of different interactive guides that help you create and manage user login accounts.


Overview of the User Manager

The User Manager displays the following information about existing user login accounts on the system.

  • The Login Name column shows the login name of each user.

  • The Full Name column shows the real name of the person who owns the login account.

  • The Group Name column shows the group to which the user belongs.

The User Manager also provides access to guides that let you add, modify, and delete user accounts, as well as assign and change user account passwords.

You can use the Get Info button to display detailed information about a user account. See “Viewing User Login Account Information” for more information.

You can create and add users to a group, but not delete users from groups or delete groups. See “Managing User Groups” for this information.

About the Menus

The Task menu contains these choices:

  • “Add Account” opens the “Add a User Account” guide, which lets you create a new user account on the system. This command is equivalent to the Add button. See “Creating a User Login Account” for more information.

  • “Change Password” opens the “Modify Any Account Password” guide, which lets you change the password on a user's account. This command is equivalent to the Password button. See “Creating, Changing, and Deleting Passwords” for more information.

  • “Edit Account” opens the “Modify a User Account” guide, which lets you make changes to an existing user account on the system. This command is equivalent to the Edit button. See “Modifying a User Login Account” for more information.

  • “Delete Account” opens the “Remove a User Account” guide, which lets you delete an existing user account from the system. This command is equivalent to the Delete button. See “Deleting a User Login Account” for more information.

  • “Configure Auto Login” opens the “Configure Auto Login” guide, which lets you enable or disable automatic logins. When you enable auto login for a specific login account, that account is automatically opened when the system starts up.

  • “System Manager” opens the System Manager window, which gives you access to all of the system administration interactive guides.

  • “Close” closes the Filesystem Manager window. Any changes you made using the guides are saved. This command is equivalent to the Close button.

The Help menu contains a list of help topics. To view a topic, choose it from this menu.

Understanding User Accounts, Groups, and the Network


For information about different user types and access privileges, see “About User Privileges.”

About User Login Accounts and Groups

Each person who uses this system regularly must have a personal login account. A login account gives a person a unique work area on the system (a home directory) where the person can store files and customize the desktop environment. The system automatically labels the work area and all files that the person creates with the person's login name. Each time a user begins a session on the system, the user types a login name and, if necessary, an associated password. For more information on logging in, see “Logging In to Your System.” For information on creating a user login account, see “Creating a User Login Account.”

The login account can also include a picture of the person. The picture represents the person's account as an icon on the login screen; the user can double-click the picture to log in to their account. For instructions on how to add a picture to a login account, see “Adding a Picture to a Login Account.”

In a situation where you want to share files freely with only some people who have accounts on the system, you can create a user group. The system lets you grant read, write, and execute permissions for a file or directory to three types of users: the file's owner, the members of a specific group of users, and all other users. Once you create a user group, you can set the permissions on all or some of your files so other members of your group can view or change them. For information about user groups, see “Managing User Groups.”

About User Login Accounts on the Network

In a large, networked environment, the network administrator maintains a list of user login account information, and makes sure that no two people have the same user login name. Before you create login accounts in such an environment, consult with the network administrator.

Whenever you change account information about a person who has a login account on more than one system on the network, the person's account information is updated on only one system; the information on other systems remains unchanged.

If your network uses the optional NIS network management software, the network administrator maintains a master database of login account information on a special system called the NIS master. Only the network administrator can change information on the NIS master.

When you create a login account for a person whose account information is in the NIS master database, the “Add a User Account” guide does the following:

  • It fills in the appropriate information with information from the NIS database. For example, it fills in the user ID and the user's Primary group. You can change this information for any account, and the account's owner can change some of their own information. However, the changes apply to the local system only; they do not change the information in the NIS database.

  • It marks the account as a Network Access account. This means the person can log in to the system only when the network is working correctly and NIS is running.

If a person needs to log in to the system when it's not connected to the network (for example, if a person takes the system home for a period of time), you can convert the account by using the instructions in “Converting Between a Network Access Account and a Local Account.”

Choosing Between a Network and Local Access Account

If your network uses the optional NIS software, the network administrator maintains a master list (located on a system on the network called the NIS master) of all users on the network and their account information. When you create an account on your system, the system automatically checks the NIS master to see if a user account with the same name exists in the master list. If it does exist, you have the option of making the account a network access or local (standalone) account. If it doesn't exist, you can only make the account a local (standalone) account.

When you create a network access account, that account's information is stored in the master list on the NIS master system. This means you can log into your account on your system only when your system is connected to the network, and the NIS master system is up and running.

When you create a local access account, your system finds your account information on your own system. This means you can log in to the system regardless of whether it's connected to the network.

For more information, see “About User Login Accounts on the Network.”

Creating a User Login Account

You can use the “Add a User Account” guide to create a user login account for a person. If your system is connected to a network, contact your network administrator for an approved login name and user ID; see “About User Login Accounts on the Network.”

If the System Manager is not already open, start it by choosing “System Manager” from the System toolchest. Select the category “Security and Access Control” and then click “Add a User Account.” The guide leads you through the necessary steps to create a new user login account.

After you create an account, an icon labeled with the user login name and other account information appears in the User Manager window and, when you log out, the icon appears on the login screen. The user can then log in to the account to use the system.

If you do not want this account to appear on the login screen, see “Improving System Security.”

Viewing User Login Account Information

You can view information about user login accounts in the User Manager.

  1. If the System Manager is not already open, start it by choosing “System Manager” from the System toolchest.

  2. Select the category “Security and Access Control.”

  3. Click “User Manager.”

  4. Select the name of a user account and then click the Get Info button.

    A User Account Info window appears and displays the user's login name, the user's full name, account type, password status, user ID, primary group, home directory, and default shell program.

Modifying a User Login Account

You can modify an existing user login account.

Modifying Account Information

You can change system account information only for the system on which you are running the “Modify a User Account” guide.

If the System Manager is not already running, open it by choosing “System Manager” from the System toolchest. Select the Security and Access Control category and then click “Modify a User Account.” The guide leads you through the necessary steps to modify a user account.

Adding a Picture to a Login Account

When you add a picture to a user's login account, the picture appears in the login screen and the user can double-click it to log into the system.

Follow these steps to add a picture to an account:

  1. Ask the user to store a photo in a file on the system by either of these methods:

    • Use the Capture tool to take the picture (if the system has an IndyCam). To use the tool, click the word Capture, and use its online help. (Clicking the word does not start the tool unless the tool is already installed on your system.)

    • Scan in an image on a system that has a scanner. Save the image in a Silicon Graphics Image file format.

  2. Give the file the same name as the user's login name. For example, if the user's login name is “Mary” and she gives you a file named mary.rgb, rename the file mary.

  3. Drag the file into the /usr/local/lib/faces directory.


    Note: If /usr/local/lib/faces is not a local directory (that is, if it is an NFS mounted directory), startup time will be noticeably slower for applications that use the photo.


Creating, Changing, and Deleting Passwords

You can create, change, or delete a user account's password. Any user can change the password on his or her own account. The root password is required to change the password on the root account.

To check if a user account has a password, you can open its User Account Info window. Click “User Manager” in the righthand column of the System Manager window; you may need to select the “Security and Access Control” category first. In the User Manager, select the user account and click the Get Info button. (You can also double-click the user account.) The User Account Info window for that account appears. If the account does not have a password, you see the word “No” next to “Password Set.” If the account has a password, you see the word “Yes.”

To create, change, or delete a password on an existing account, use the “Modify Any Account Password” guide. If you want to create, change, or delete the password for your own account, use the “Modify My Account Password” guide; the guide automatically selects your account to modify. You can access both of these guides from the “Common Tasks” field in a User Account Info window.

Converting Between a Network Access Account and a Local Account

When you create a login account, you specify whether it should be a local (standalone) or network access account. At a later time, you may decide you want to convert the account from a network access account to a local account, or vice versa. For example, you may have set up a user login account on a system before it was connected to the network or before you installed and started running the optional NIS software.

Follow these steps to convert an account:

  1. Open the User Manager by selecting the Security and Access Control category in the System Manager, and then clicking “User Manager” in the righthand column.

  2. Select the name of a user account and click the Get Info button.

    A User Account Info window appears and displays information about the user account. Write down the user's primary group and home directory, and then close the User Account Info window.

  3. Click Remove in the User Manager window.

    The “Remove a User Account” guide appears and lets you remove the existing user login account.


    Caution: Make sure you do not delete the user's files.


  4. If you are converting a local account to a network access account, contact the network administrator and give them the person's full name and login name. The network administrator will use this information to create a network access account on the NIS master system.

  5. Recreate the deleted account using the “Add a User Account” guide. Use the same login name as before, but choose a different type of account (local or network access). Make sure that you use the user's previous home directory and that you leave the user ID alone.

The person can now log into the converted account. Remember that if the account is a network access account, the user can log in only when the system is connected to the network and NIS is running.

Deleting a User Login Account

When you delete a login account from your system, the person who owns that account can no longer log in to your system. If the person has accounts on other systems, they can still log in to those systems.

You can delete a login account using the “Remove a User Account” guide. If the System Manager is not already running, open it by choosing “System Manager” from the System toolchest. Select the “Security and Access Control” category from the Table of Contents and then click “Remove a User Account.”

Managing User Groups

To create, change, and delete user groups, you must know the root password. Once the group exists, group members can use the “Modify File Permissions” guide to change permissions on their own files and directories to let other members of the group read or edit the files. See “Understanding Permissions” in the Desktop User's Guide for more information.

A person can belong to several groups, but only one group on this system is the person's primary group. To specify a person's primary group, see “Modifying Account Information.”

Creating a User Group

You can create a new group by editing the file /etc/group.


Note: Do not change information for any of the special system groups that were on your system when it was new (groups with ID numbers between 0 and 100 and over 900). They are critical to system operation; changing them will make the system inoperable.

To edit /etc/group, follow these steps:

  1. Log in as root through a shell window.

    • Choose “Open Unix Shell” from the Desktop toolchest.

    • Position your cursor within the new window and enter

      login root

      If a prompt for a password appears, type the password then press <Enter>. If a prompt appears but the root account has no password, just press <Enter>.

  2. Edit the file.

    • Open the file with a text editor such as jot by typing

      jot /etc/group

      Then press <Enter>. For detailed information on using the jot text editor, choose a topic from its Help menu.

      After the last line in the file, you'll add a line that specifies the name and ID number of the new group. The entries that you see have this form:

      <group name>:<password>:<group ID #>:<members>

      The password and list of members are optional. See “User Account Administration” in IRIX Admin: System Configuration and Operation for information on how and why to add these.

    • Create a name for your group that consists of eight or fewer lowercase letters and does not match any of the group names that you see in this file. Then choose a group ID number between 101 and 899 that does not match any of the group IDs in this file. For example, to create a group named drafting with an ID number of 105, add this line:

      drafting::105:

    • Save your changes and quit jot.

  3. Log out of the root account by typing

    logout

    Then press <Enter>. The shell window disappears.

You now have a new group that has no members. To assign users to this group, see “Adding Users to a Group.”

See “Changing Permissions” in the Desktop User's Guide for information on changing file permissions so that members of a specific group can read or edit the files.
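
The naming and numbering rules from step 2 can be checked before the file is edited. The following is an added example, not part of the original guide: check_new_group is a hypothetical helper, and the sample file is constructed.

```shell
#!/bin/sh
# Added example: check a proposed group against the rules in step 2 before
# editing /etc/group. check_new_group is a hypothetical helper name.

# check_new_group FILE NAME GID
# Prints the line to append and returns 0; prints the reason and returns 1.
check_new_group() {
    file=$1; name=$2; gid=$3

    # Name: eight or fewer lowercase letters. The letters are spelled out
    # so the check does not depend on the locale's idea of a-z.
    case $name in
        ''|*[!abcdefghijklmnopqrstuvwxyz]*)
            echo "rejected: name must be lowercase letters" >&2; return 1 ;;
    esac
    if [ "${#name}" -gt 8 ]; then
        echo "rejected: name is longer than eight characters" >&2; return 1
    fi

    # Group ID: a plain three-digit number from 101 to 899. IDs 0-100 and
    # over 900 belong to the special system groups.
    case $gid in
        [1-9][0-9][0-9]) ;;
        *) echo "rejected: group ID must be 101-899" >&2; return 1 ;;
    esac
    if [ "$gid" -lt 101 ] || [ "$gid" -gt 899 ]; then
        echo "rejected: group ID must be 101-899" >&2; return 1
    fi

    # Neither the name nor the ID may match an existing entry.
    awk -F: -v n="$name" -v g="$gid" '
        $1 == n { print "rejected: name already used (line " NR ")"; bad = 1 }
        $3 == g { print "rejected: group ID already used by " $1; bad = 1 }
        END     { exit (bad ? 1 : 0) }
    ' "$file" >&2 || return 1

    printf '%s::%s:\n' "$name" "$gid"
}

# Constructed sample in /etc/group format (not taken from a real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
sys::0:root,bin
user::20:
drafting::105:
EOF
check_new_group "$sample" design 106            # prints design::106:
check_new_group "$sample" drafting 107 || true  # name already in the file
check_new_group "$sample" plans 105 || true     # group ID already in the file
check_new_group "$sample" audit 950 || true     # outside 101-899
rm -f "$sample"
```

The function only reads the file it is given, so it can be run against a copy of /etc/group without root access.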

Adding Users to a Group

The Administrator typically adds users to or deletes users from a group. When you delete a user from a group, you do not delete that person's login account. The person no longer belongs to the group, and cannot access files that other group members have marked as accessible by group members.


Note: Do not assign a user to any of the special system groups that were on your system when it was new (groups with ID numbers between 0 and 100 and over 900). They are critical to system operation; assigning a regular user to the groups severely compromises stable operation.

Usually a user can belong to only one group. For information on assigning users to multiple groups, see “User Account Administration” in IRIX Admin: System Configuration and Operation.

You can assign a user to a new group and make it the user's primary group by using the “Modify a User Account” guide.

To assign a user to a new group, follow these steps:

  1. Open the “Modify a User Account” guide.

    If the System Manager is not already running, open it by choosing “System Manager” from the System toolchest. Select the Security and Access Control category and then click “Modify a User Account.”

  2. Choose the name of the user account whose user ID you want to change.

  3. On page 7 of the guide, enter the new user ID.

  4. On page 8 of the guide, assign a new primary group to the user account.

  5. Click OK on the last page of the guide to implement the new user ID.

  6. Ask the user whose group ID you changed to log out, then log back in.

    When they log in, new files and directories that they create are labeled with the new group name.

The user whose group ID number you changed now has read and execute permissions on all files created by members of the new group (unless a group member changes permissions on individual files). See “Changing Permissions” in the Desktop User's Guide to give members of the same group write permissions (the ability to change each other's files), or to remove read or execute permissions.

Deleting a User Group

When the Administrator deletes a group from your system, the group is no longer available for membership. This means people who used to belong to the group still have active user login accounts, but they are no longer members of a common group.

To delete a group, follow these steps:

  1. Assign to a new group all users who belong to the group that you are deleting. See “Adding Users to a Group.”

  2. Log in as root through a shell window.

    • Choose “Open Unix Shell” from the Desktop toolchest.

    • Position your cursor within the new window and type

      login root

      Then press <Enter>.

      If a prompt for a password appears, type the password then press <Enter>. If a prompt appears but the root account has no password, just press <Enter>.

  3. Edit the /etc/group file.

    • Open the file with a text editor such as jot by typing

      jot /etc/group

      Then press <Enter>. For detailed information on using the jot text editor, choose a topic from its Help menu.

    • Find the line that describes the group you want to delete. The entries that you see have this form:

      <group name>:<password>:<group ID #>:<members>

    • Remove the line.

    • Save your changes and quit jot.

  4. Log out of the root account by typing

    logout

    Then press <Enter>. The shell window disappears.

  5. Ask all users who previously belonged to the group to log out, then log back in.

    When they log in, new files and directories that they create are labeled with the name of the new group to which you assigned them. For more information, see “Understanding Permissions” in the Desktop User's Guide.

The group no longer exists. To create a new group, see “Creating a User Group.”
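
Step 1 of the deletion procedure depends on knowing who still belongs to the group. The following is an added example, not part of the original guide, that lists those logins and refuses the special system groups. group_users is a hypothetical helper, the sample files are constructed, and the passwd layout (login:password:UID:GID:...) is an assumption because this page does not show that file.

```shell
#!/bin/sh
# Added example: before deleting a group, list every login still tied to it.
# group_users is a hypothetical helper; the passwd layout
# (login:password:UID:GID:...) is assumed, as this page does not show it.

# group_users GROUPFILE PASSWDFILE NAME
# Prints one login per line. Returns 2 for a missing or special system group.
group_users() {
    gfile=$1; pfile=$2; gname=$3

    entry=$(awk -F: -v n="$gname" '$1 == n { print; exit }' "$gfile")
    if [ -z "$entry" ]; then
        echo "no such group: $gname" >&2; return 2
    fi
    gid=$(printf '%s\n' "$entry" | cut -d: -f3)
    members=$(printf '%s\n' "$entry" | cut -d: -f4)

    case $gid in
        ''|*[!0123456789]*)
            echo "malformed group ID for $gname" >&2; return 2 ;;
    esac
    # IDs 0-100 and over 900 are the special system groups: never delete.
    if [ "$gid" -le 100 ] || [ "$gid" -gt 900 ]; then
        echo "refusing: $gname (ID $gid) is a special system group" >&2
        return 2
    fi

    {
        # Members listed on the group's own line.
        printf '%s\n' "$members" | tr ',' '\n'
        # Accounts whose primary group (4th passwd field) is this group.
        awk -F: -v g="$gid" '$4 == g { print $1 }' "$pfile"
    } | sed '/^$/d' | sort -u
}

# Constructed sample files (not taken from a real system).
dir=$(mktemp -d)
cat > "$dir/group" <<'EOF'
sys::0:root,bin
drafting::105:mary,bob
design::106:
EOF
cat > "$dir/passwd" <<'EOF'
mary:*:1201:105:Mary:/usr/people/mary:/bin/csh
bob:*:1202:106:Bob:/usr/people/bob:/bin/csh
lee:*:1203:105:Lee:/usr/people/lee:/bin/csh
EOF
group_users "$dir/group" "$dir/passwd" drafting     # bob, lee, mary
group_users "$dir/group" "$dir/passwd" sys || true  # refused: system group
rm -rf "$dir"
```

An empty result means no account references the group, so its line can be removed without leaving a user assigned to a group ID that no longer has a name.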