NAME

      mxuser - add, modify, remove, or list users in Systems Insight Manager


SYNOPSIS

      mxuser -a username [-d description] [-p full | limited | none | +T | -T
      ][ -C authorization_source_user]
      mxuser -a -g usergroupname [-d description] [-p full | limited | none |
      +T | -T ][ -C authorization_source_user]
      mxuser -a -f filename
      mxuser -a -gf -f filename
      mxuser -m username [-d description] [-p full | limited | none | +T | -T
      ]
      mxuser -m -g usergroupname [-d description] [-p full | limited | none |
      +T | -T ]
      mxuser -m -f filename
      mxuser -m -gf -f filename
      mxuser -r username
      mxuser -r -g usergroupname
      mxuser -r -f filename
      mxuser -r -gf -f filename
      mxuser [-l d|f|n|t] [ username ...]
      mxuser [-l dg|fg|ng|tg] [ usergroupname ...]
      mxuser -lf [-b encoding] [ username ...]

    Remarks
      This command does not list the authorizations assigned to a user.	 See
      mxauth(1M).


DESCRIPTION

      The mxuser command allows the user to manage user IDs and usergroups
      in Systems Insight Manager.

      The first, second, third, and fourth forms of mxuser allow a Systems
      Insight Manager user or usergroup with Full Rights to add a new user
      or group to the Systems Insight Manager-managed cluster. The Full
      Rights User may optionally grant or deny Full or Limited Rights to the
      new user or group. The Full Rights allows a user or user group full
      access to Systems Insight Manager capabilities. With Limited Rights
      and No Rights, users are only allowed access to the listing options of
      Systems Insight Manager commands. In addition to listing, the Limited
      Rights user may create tools using the mxtool(1M) command. If the Full
      Rights User does not specify rights for the new user or user group,
      the system assigns Limited Rights to the new user or group by default.
      Additionally, this command provides the Full Rights User with the
      option to assign the new user or group the authorizations of an
      existing user or group by specifying the existing user's name or
      group's name. For a discussion of authorizations, see mxauth(1M).

      The third form allows the Systems Insight Manager Full Rights User to
      add users by specifying a file containing the required information.
      The file must be formatted in the eXtensible Markup Language (XML)
      format defined for Systems Insight Manager users.	 See mxuser(4).

      The third and fourth form allows the Systems Insight Manager Full
      Rights User to add user groups by specifying a file containing the
      required information. The file must be formatted in the eXtensible
      Markup Language (XML) format defined for Systems Insight Manager user
      groups.  See mxuser(4).

      The fourth, fifth, sixth and seventh forms of mxuser allow a Full
      Rights User to modify an existing Systems Insight Manager user's or
      group's description and/or to re-assign rights to an existing user or
      group. The description replaces the existing description for the user
      or group. Any modification of the user's or group's authorizations
      must be through the use of mxauth(1M). As with adding users and
      groups, the users or groups to be modified may be specified on the
      command line or in an XML file. See mxuser(4).

      The eighth and ninth forms of mxuser allows a Full Rights User to
      remove the specified Systems Insight Manager user or group.  This form
      of the command can only remove one user or group at a time. All
      authorizations for this user or group are removed as well. A Systems
      Insight Managed Cluster must have at least one Full Rights User;
      therefore, the last Full Rights User may not be removed.

      If multiple Systems Insight Manager users or groups are be to removed,
      the tenth and eleventh forms of mxuser allows the users or groups to
      be specified in an XML file. See mxuser(4).

      The twelfth form of this command allows Systems Insight Manager user
      information to be listed. Specifying no options with the mxuser
      command provides a listing of user names with no other information.
      This listing is the same as the -l option with the n qualifier. The -l
      option with the d qualifier provides a detailed screen-viewable
      listing of the users. The -l option with the f qualifier provides an
      XML file-formatted listing. The output of the XML file-formatted
      listing is valid input to the -f option. The -l option with the t
      qualifier provides a tabular listing of users with detailed
      information.

      The thirteenth form of the command allows user information to be
      written to an XML file and optionally specify the character encoding
      for the XML file. The value for the character encoding must match a
      valid character encoding. If no encoding is specified, the system
      attempts to write the file in the encoding currently defined for the
      given system. The list of valid character encodings is maintained at
      the following web site
      http://www.iana.org/assignments/character-sets

      Only Systems Insight Manager Full Rights Users may use this command to
      add or remove users or to modify existing user information. Any user
      may use the mxuser command to list user information.
      For backwards compatibility with ServiceControl Manager 3.0, the -p
      option also supports the Trusted and Untrusted User +T and -T options.
      The +T option creates a user with or modifies a user to Full Rights.
      The -T option creates a user with or modifies a user to Limited
      Rights.

      The last form of this command allows Systems Insight Manager user
      group information to be listed. Specifying no options with the mxuser
      command provides a listing of user group names with no other
      information. This listing is the same as the -l option with the ng
      qualifier. The -l option with the dg qualifier provides a detailed
      screen-viewable listing of the users. The -l option with the fg
      qualifier provides an XML file-formatted listing. The output of the
      XML file-formatted listing is valid input to the -fg option. The -l
      option with the tg qualifier provides a tabular listing of users with
      detailed information.

    File Processing
      The mxuser command allows a Full Rights User to add, modify, or remove
      Systems Insight Manager users by specifying an XML file containing a
      list of users and user attributes.

      The XML file format allows one to specify information in addition to
      that allowed by command line options. In the XML file, one may specify
      a user's full name, email address, and phone number.

      The Systems Insight Manager processes the input file data in two
      passes.

      The first pass attempts to parse the XML file and generate a list of
      users to process during the second pass. The first pass ensures that
      the XML file is formatted properly, that the user names are valid, and
      the user objects contain valid information. During the first pass, if
      the Systems Insight Manager detects a error, the Systems Insight
      Manager interrupts the process, issues an error message describing the
      error, and leaves the Systems Insight Manager repository unchanged.

      If the Systems Insight Manager successfully processes the XML file in
      the first pass, the Systems Insight Manager attempts to process the
      user list collected during the first pass. During this second pass,
      the Systems Insight Manager processes the user list until it processes
      the entire list or until the Systems Insight Manager encounters a
      logic error, such as specifying a duplicate user during an add,
      specifying a non-existent user during a modify, or attempting to
      remove the last Full Rights User during a remove.

      If an error occurs during the second pass, the Systems Insight Manager
      interrupts processing at that point and issues an error message. If
      the input file contains valid user data prior to the invalid data, the
      Systems Insight Manager processes that data completely and modifies
      the Systems Insight Manager repository appropriately. The Systems
      Insight Manager ignores all data subsequent to the invalid data.

    Options
      mxuser recognizes the following options:

	   -a		  Indicates that a user is to be added.

	   -r		  Indicates that the user is to be completely
			  removed.

	   -m		  Indicates that a user is to be modified. The user
			  may be granted or denied privileges. A
			  modification of the comment replaces any existing
			  comment.

	   -f filename	  Indicates that information regarding users to be
			  added, modified or removed is provided in the XML
			  file specified by filename (see mxuser(4) ).

	   -l d		  Displays a detailed and screen-viewable listing of
			  user(s) and user attributes.

	   -l f		  Displays an XML listing of user(s) and user
			  attributes (see mxuser(4) ).

	   -l n		  Displays the names (with no details) of user(s).

	   -l t		  Displays a tabular listing of user(s) and user
			  attributes.

	   -b encoding	  Used in conjunction with the -lf option to specify
			  the character encoding for the XML file.

	   -C authorization_source_user
			  Specifies an existing Systems Insight Manager
			  user.	 mxuser will copy the authorizations of the
			  existing user to the new user during the add
			  operation.

	   -d description Specifies the Systems Insight Manager-specific
			  description to be associated with the user.

	   -p full | limited | none | +T | -T
			  Indicates the rights granted to the user. Full
			  rights allow all Central Management Server
			  Configuration operations. Limited rights allow
			  tool creation and all listing operations. No
			  rights allow only listing operations. The +T flag
			  grants full rights to the user. The -T flag grants
			  limited rights to the user. These options are
			  provided for backwards compatibility with
			  ServiceControl Manager 3.0.

      Note: When duplicate options are specified (for example, -f file1 -
      f file2), the last instance of the option will be used by mxuser (in
      this example, file2).


EXTERNAL INFLUENCES

      For HP-UX or Linux, LANG determines the default encoding that the
      system will use to output XML data if no encoding is specified on the
      command line.  If LANG is not specified or null or LANG does not
      correspond to a recognized encoding, it defaults to C (see lang (5)).
      In this case, the user should use the -b option to specify the desired
      encoding of the XML data.


RETURN VALUES

      mxuser returns one of the following values:

	     0		  Successful completion.
	     1		  Command line syntax error.
	     2		  Error in a file operation.
	     3		  Nonexistent user error.
	     5		  Duplicate user error.
	    21		  Invalid name.
	    26		  Invalid operation.
	    50		  Unauthorized user.
	   102		  Systems Insight Manager Repository error.
	   222		  Central Management Server (CMS) is not
			  initialized.
	   249		  Unable to connect to the session manager.
	   250		  Remote exception.
	   252		  File input parsing error.
	   253		  Duplicate name.
	   254		  Systems Insight Manager Properties file error.


EXAMPLES

      This command adds user "jane", a new Database Administrator, and
      grants her Full Rights privilege.

	   mxuser -a jane -d "Database Administrator" -p full

      This command adds user "fred", a Backup Supervisor, grants him Full
      Rights, and assigns him the same authorizations as user "jane".

	   mxuser -a fred -d "Backup Supervisor" -p full -C jane

      This command adds the usre group "mygroup".

	   mxuser -a -g mygroup

      This command assigns limited rights to user "fred".

	   mxuser -m fred -p limited

      This command removes user "fred" from the list of Systems Insight
      Manager users.

	   mxuser -r fred

      This command adds the list of users found in the local file "updates".

	   mxuser -a -f updates.xml

      This command displays the list of Systems Insight Manager user names.

	   mxuser -l

      This command displays a detailed, screen-viewable listing of the
      users.

	   mxuser -l d

      This command displays a tabular listing of users.

	   mxuser -l t

      The output may look like the following:

	   USER	    RIGHTS	COMMENT
	   root	    full	Default Full Rights user
	   jane	    limited	Database Administrator
	   joe	    none	Backup Operator


WARNINGS

      Only Systems Insight Manager Full Rights Users, that is  users with
      full Management Server Configuration Rights, may use this command to
      add or remove users or to modify existing user information.  Any user
      may use the mxuser command to list user information.

      Only a unique instance of any given user name may be added. Attempting
      to add a user name that has already been added to the Systems Insight
      Manager results in an error.

      Only existing users may be successfully removed.


LIMITATIONS

      This command may only be run on the CMS.


AUTHOR

      mxuser was developed by the Hewlett-Packard Company.


SEE ALSO for HP-UX

      mxuser(4), mxauth(1M).


SEE ALSO for Linux

      mxuser(4), mxauth(8).