Hitachi

JP1 Version 12 JP1/Base User's Guide

8.1.6 Using the GUI to set user mapping

To set user mapping through the GUI, in the JP1/Base Environment Settings dialog box, click the User Mapping page. The following figure shows the User Mapping page of the JP1/Base Environment Settings dialog box.

Figure 8‒5: JP1/Base Environment Settings dialog box (User Mapping page)

[Figure]

In the User Mapping page, you can associate the JP1 users registered on the authentication server with one or more users registered on the OS of the local host. Before setting user mapping, you need to assign certain Windows user rights to OS users who are mapped. For details, see 8.1.5 Assigning user permissions to OS users before setting user mapping.

Organization of this subsection

(1) Settings in the Password management area

In Windows, you must enter the OS users to be mapped to JP1 users, and the password information for those OS users, on every host where user mapping is required. This information is registered as password management information in JP1/Base. The Password management area is for registering OS users and their password information as password management information.

You can also use the Password management area to register information-search users, registration of which is used for user authentication linking with the directory server, but you cannot use this area to map them.

If you change the password of the system OS user after registering the password management information, make sure that you also change the password in the registered information.

Notes

  • When The logon check is not done to Windows, when OS user is set is selected, the OS users can be successfully registered even if the following conditions are met:

    - Registration of an OS user not registered in the system (in Windows)

    - Registration of an OS user with an incorrect password

    - Registration of an OS user who does not have the right Log on locally

    If you do not select The logon check is not done to Windows, when OS user is set, any attempt to register an OS user under the above conditions will fail.

  • Before you delete an OS user, make sure that the user is not mapped to any JP1 user. You can check the user mapping information by using either of the following:

    - List of OS users to be mapped in the User mapping tab of JP1/Base Environment Settings

    - jbsgetumap command

To set password management information:

  1. In the Password management area, click the Set button.

  2. You can then register, change, or delete OS users and their password information in the Password Manager dialog box.

    Figure 8‒6: Password Manager dialog box

    [Figure]

    Click the New User button to register a new OS user and password. Click the Change Password button if any registered users have changed their passwords. Click the Delete User button to delete the password of a registered OS user.

    As the OS user name to be registered, you can specify not only a user name but also the name of the domain to which the local host belongs or the local host name. In this case, use a backslash (\) as a separator between the domain or local host name and user name (for example, domain\user1 or server\user1). If you specify a domain name or local host name, JP1/Base checks if the specified OS user is a user who belongs to that domain or is a local user. If the specified OS user name is not a user of the domain or is not a local user, you cannot register the user under the OS user name.

    If you do not specify a domain name or local host name, JP1/Base checks whether the specified OS user is a local user. If the entered OS user is not a local user, JP1/Base checks whether it is a user in a domain containing a trusted domain. If the specified OS user name is not a local user or a user of the domain, you cannot register the user under the OS user name.

    To register an OS user name with the Windows domain controller, use the format domain-name\user-name. As the domain controller does not differentiate between a domain user and local user, the user name will be treated as a domain user.

    Note

    Take care when selecting The logon check is not done to Windows, when OS user is set in the User Mapping page. When this check box is selected, the OS users can still be registered even if an OS user name or password is incorrect. However, if the mapped JP1 user tries to execute a job or remote command, an insufficient rights error occurs.

  3. Click the Exit button.

    The Password Manager dialog box closes, and the User Mapping page of the JP1/Base Environment Settings dialog box appears again.

To Page Top

(2) Settings in the JP1 user area

In the JP1 user area, set the OS users, the JP1 users mapped to OS users, and the server host from which the JP1 users issue operating instructions.

  1. Click the Add button.

    In the JP1 User dialog box, you can then set the JP1 user to map to the OS user, and the server host from which the user issues operating instructions such as jobs and remote commands (automated actions). Or enter an asterisk (*) as a server host name to validate operations from any server host.

    Figure 8‒7: JP1 User dialog box

    [Figure]
    Specifying a physical host in Server host

    Specify the host name displayed by the hostname command. If you are using domain names with the DNS service, also add the host name definition in FQDN format.

    Specifying a logical host in Server host

    Specify the logical host name. If you are using domain names with the DNS service without defining logical hosts in jp1hosts or jp1hosts2 information, also add the logical host name definition in FQDN format.

    To enable users to log into the system from JP1/AJS - View or to execute JP1/AJS commands from the local host, you must specify the local host name as the server host name. For details see the manual JP1/Automatic Job Management System 3 System Design (Configuration) Guide, JP1/Automatic Job Management System 3 System Design (Work Tasks) Guide, and the JP1/Automatic Job Management System 3 Administration Guide.

  2. Click the OK button.

    The JP1 User dialog box closes, and the OS User Mapping Details dialog box appears.

    Figure 8‒8: OS User Mapping Details dialog box

    [Figure]

  3. In the OS User Mapping Details dialog box, associate the entered JP1 user with one or more OS users.

    In this dialog box, set the OS users to be mapped to the JP1 user, and the OS users not mapped to that JP1 user. The OS users listed here are OS users registered in the Password Manager dialog box. Note that, however, you cannot map information-search users.

    As the primary OS user, specify the OS user to be mapped when no OS user name is specified at job execution or command execution.

  4. Click the OK button.

    This completes the mapping of the JP1 user to OS users.

To Page Top

(3) Settings in the List of OS users to be mapped area

The list box in the List of OS users to be mapped area lists the OS users who have been mapped. You can use this list to check which OS user is mapped to a specific JP1 user. You can also change the mapping relationships.

To change mapping relationships:

  1. In the JP1 user area, select a user name listed in the JP1 user field to redefine the mapping relationships for that JP1 user.

    The List of OS users to be mapped area displays the names of the OS users mapped to that user.

  2. Click the Change button.

  3. In the OS User Mapping Details dialog box, you can change which OS users are mapped and not mapped to the OS user, and set the primary OS user.

    Figure 8‒9: A list of the OS users mapped to the selected JP1 user

    [Figure]

  4. Click the OK button.

    This completes the mapping of the JP1 user to OS users.

To Page Top

Copyright (C) 2019, 2021, Hitachi, Ltd.

Copyright (C) 2019, 2021, Hitachi Solutions, Ltd.