To manage users and groups from the CLI, you must create users and groups.

Verify that your user account has the ROLE_SYSTEM_ADMIN system administrator role assigned to it.

See Create Users and Groups with vCloud Application Director CLI.

Note

Unknown CLI options are ignored by the Roo shell.

Manage Users and Groups in the CLI

CLI Command

Description

change-password

Changes the password of the current user.

change-user-password --username UserName

Changes a user's password.

If you run the --password parameter with the login command or a command that lets you add a password, your password is saved as plain text in the darwin-cli-history.log file located in the current directory. By default, the CLI deletes the log file. For added security, delete this log file.

create-group  --name GroupName --description Description

Creates a group.

For example, to create a group called Test Group, use the command create-group --name "Test Group".

create-user --username UserName --firstName FirstName 
--lastName LastName --enabled true --roles 
ROLE_SYSTEM_ADMIN,ROLE_CATALOG_ADMIN,ROLE_CLOUD_ADMIN,ROLE_SYSTEM_INTEGRATOR,ROLE_DEPLOYER,ROLE_APP_ARCHITECT 
--group GroupName --email EmailAddress

Creates a user.

If you specify all the roles shown in this example, the user is the equivalent of the admin user. Specify only the roles the specific user must have.

The valid values for the enabled option are true, yes, 1, false, no, and 0.

If you run the --password parameter with the login command or a command that lets you add a password, your password is saved as plain text in the darwin-cli-history.log file located in the current directory. By default, the CLI deletes the log file. For added security, delete this log file.

update-user --username UserName --roles 
ROLE_SYSTEM_ADMIN,ROLE_CLOUD_ADMIN

Changes the roles assigned to a user.

In this example, the roles ROLE_SYSTEM_ADMIN, ROLE_CLOUD_ADMIN are used. Substitute a comma-separated list of the roles you want the user to have. Do not add a space between the comma-separated list.

update-user --username UserName --group GroupName

Changes a user's group.

enable-user --username UserName

Enables a user account.

disable-user --username UserName

Disables a user account.

Caution

The disable option also allows you to disable your user account. If you are the only user with system administrator privileges, you cannot reenable your user account.

list-user

Lists information about all users.

list-user --username UserName

Displays information about a specific user.

list-roles

Lists information about all the roles.

list-group

Shows information about all the groups.