Create and Manage User Accounts

There are two types of accounts in OnApp: administrators and users. An administrator account is created automatically when OnApp is installed. Administrators have full access to the system, including managing virtual servers and Compute resources, performing actions on templates and backups, and configuring data stores and networks. There can be several administrators in OnApp. User accounts are created by administrators, and only have access to those actions which are specified by an administrator. In this document you can find information on how to manage user accounts. 


View Users


For a quick view of user account details, go to your Control Panel > AdminUsers menu. You'll see a list of all user accounts in your cloud, along with their details:

  • Full name – user's name and surname
  • Username – user's screen name
  • User role – the role set for the user
  • User group – the group to which the user is assigned
  • Status – user's status (active , suspended, or deleted )

If you are viewing the users list on a narrow screen, you can customize the way the table is displayed by clicking the actions icon at the top of the table. In the drop-down list that appears, check the columns you want to be displayed and click Apply. The narrower your screen is, the more unchecked columns will be hidden from the table. If your screen is too narrow to fit all the columns you have checked, a scrollbar will appear at the bottom of the users list. You can always alter your column selection later.

On this page:

See also:


Column selection is currently set for one browser. If you have checked some columns in one browser and open the list in some other browser, the column selection will be the default one for that other browser.

You can scroll through the list of users with the Previous/Next buttons at the bottom of the screen, as well as use search tool to search for a specific user. Click the Actions button next to the required user to edit, suspend or delete them, view the list of whitelist IPs or login as a user. Click Drop All Sessions button to terminate all sessions. 

Every user including you will be logged out.

To get the list of additional fields, click the User Additional Fields button. To view detailed information about a user's account, click user's full name.

View User Account Details

To view account details of a particular user:

  1. Go to your Control Panel > Admin > Users menu.
  2. On the screen that appears, click the full name of the user to view their account details.

The user details screen that appears shows the following information:

User details
These are the settings which are specified at user creation process.

    • User's avatar (This feature is available if the Use gravatar option is enabled).
    • User's name and surname.
    • User's email.
    • Last access log - click to see information on the IP addresses that logged in to your account directly from the OnApp login page using your login and password, and the time and date of access.
    • Drop other sessions - click this button to drop other sessions except the active one, will be dropped
    • Login - user's screen name.
    • User role – the role set for the user.
    • User group – the group to which the user is assigned. 
    • Time Zone - timezone set for this user.
    • Locale - locales set for this user.
    • System theme - system theme set for this user.
    • Display infoboxes  whether infoboxes are displayed or not for this user.
    • Restore infoboxes - click this button to display infoboxes for the user (this option may be disabled depending on the user's permissions).

    • Send Password Reminder - click this button to send the password reminder to the user. The user will receive an email with a link for change password action. 

      Ensure that Allow user to send password reminder permission is on before sending password reminder. For more information about permissions refer to the List of all OnApp Permissions section of this guide.

Amazon Web Services

Shows the status of the Amazon Web Services: disconnected or connected. For more information, see Enable/Disable AWS.

Here you can also connect Amazon Web Services:

    1. Click the (Connect) icon.
    2. On the following page provide your AWS credentials: AWS access key ID and AWS secret access key.
    3. Click Submit to connect AWS to your account.

2-factor Authentication

  • This section appears in the profile if you have either the Update Yubikey or the Update own Yubikey permission enabled or TOTP authentication is enabled for the cloud. 

  • You can use only one two-factor authentication option per user profile (Yubikey or TOTP). Once the TOTP authentication is enabled successfully, the Yubikey switch will become disabled.

Here you can enable/disable logging into OnApp using a YubiKey, add/delete YubiKeys, and enable/disable TOTP authentication. It is required to add at least one YubiKey to the user profile at Manage YubiKeys before you can enable the Use YubiKey option.

    • TOTP Autentication - move the slider to the right to enable logging in by using time-based two-factor authentication. In the pop-up window that appears, scan the QR code with your mobile application (Google Authenticator or any other TOTP authentication app that complies with the RFC). Enter the generated one-time password to validate that the application works properly. If the password is correct, the TOTP Authentication will become enabled. This slider will be displayed only if TOTP authentication is enabled for the cloud. 
    • Use Yubikey - move the slider to the right to enable logging in  by using a YubiKey for this user. You can enable this option only if you have added at least one YubiKey to your profile. If you delete all your Yubileys, this option will be disabled automatically.
    • Manage YubiKeys - click this button to add or delete YubiKey to your profile. The pop up window shows the list of your YubiKeys and the time of usage for each of them. You can add up to five YubiKeys.
      • To add a new YubiKey:
        1. Enter a label for your YubiKey in the Enter label field.
        2. Click the Touch your yubikey field.
        3. Press your finger to the gold Yubikey button. A long line of characters will appear in the field and the new Yubikey will be added to your profile.
      • To delete a YubiKey click the  button next to the YubiKey you want to delete.

      Be careful when deleting a YubiKey as it will no longer be possible to log in using that Yubikey unless you add it again to your profile.

      The Yubico info section will appear in the user profile only if the Use Yubico login option is enabled for your cloud at Control Panel > Settings > Configuration.

Billing Details

    • Price per last hour - shows the price for VSs, Load Balancers, and other resources charged for the previous hour.
    • Price per last hour (including discount) - shows the price for VSs, Load Balancers, and other resources charged for the previous hour with the discount included (if any).
    • Bucket - the bucket this user is assigned to. Click the bucket label to see its details.
    • Outstanding amount- the total amount of money owned by this user since it has been created, for all resources, minus the amount of Payments. The sum is displayed for the period since a user has been created until the last 24hrs.
    • Monthly fee - a set monthly price for a bucket.
    • Total cost - the sum of all used resources cost and virtual servers cost. This sum does not take into consideration the free limits for resources set in the bucket. The cost that takes into account the bucket's free limits is displayed in the Total cost with discount field. 
    • Payments - the total amount of payments made.
    • Discount due to free - the price of the resources that were created within the bucket's free limits. This sum will be subtracted from the Total cost.
    • Total cost with discount - the price of used resources that excludes the cost of the resources that were created within the bucket's free limits.
    • Virtual Server Hourly Statistic - clicking this link will generate billing statistics for all virtual servers owned by this user. For more information, see Virtual Server Billing Statistics.
    • User Statistic - clicking this link will generate user's resource usage statistics. For more information, see User Billing Statistics.
    • Monthly Bills - clicking this link will generate the bills list that shows the total due per each month of the year. To view billing statistics, select a year from the drop-down list and click Apply. The list that appears displays a particular month of the selected year and the cost of used resources for that month. At the bottom of the list there is the total amount of money which was to be paid for the selected period.
    • System Service Add-ons Report - report for the system service add-ons usage.
    • SPLA Report - report for Windows system service add-ons.

Prices

The list of all used resources and their price per hour for two states: server powered ON and server powered OFF. The prices in this section do not take into consideration the free limits for resources set in the bucket. 

Servers

Shows the list of all virtual servers, load balancers, edge servers, smart servers, application servers in the cloud with their prices for server on and off. The prices in this section do not take into consideration the free limits for resources set in the bucket. 

Backups

The prices in this section do not take into consideration the free limits for resources set in the bucket. 

    • Backups Count - the price per hour for the quantity of the user's backups.
    • Templates Count - the price per hour for the quantity of the user's templates.
    • ISOs Count - the price per hour for the quantity of the user's ISOs.
    • OVAs Count - the price per hour for the quantity of the user's OVAs.
    • Templates, ISOs & Backups Disk Size - the price per hour for the disk space user's /ISOs/OVAs/backups/templates occupy.
    • Recovery Points Count - the price per hour for recovery points created on the backup resource.
    • Autoscaling Monitor Fee - the price per hour for autoscaling monitors.
    • Backup Server Groups - the price per hour for the resources consumed by backup server groups.

Create User

To add a new user:

  1. Go to your Control Panel > Admin > Users menu. You'll see a list of all user accounts in your cloud.
  2. Click the Create User button at the bottom of the list.
  3. Fill in the user creation form step by step:

    Step 1 of 4

    • Move the Use Gravatar slider to the right to use the gravatar image.

    • Login name - provide user login name. It can consist of 2-40 characters, letters [A-Za-z], digits [0-9], dash [ - ], lower dash [ _ ], [@]. You can use both lower- and uppercase letters.

      The dash [ - ] and [@] symbols are not allowed as first characters of the login name.

    • First name - specify user first name. It can consist of any 1-20 characters.
    • Last name - specify user last name. It can consist of any 1-20 characters. 
    • Email address - specify user email.
    • Time zone - select the required time zone from the drop-down box.
    • Locale - specify user locale settings by selecting the appropriate locale from the drop-down box (see Locales section for details).
    • Password - specify user password and confirm it. The password can consist of 6-40 characters and must meet the password complexity requirements.
    • Repeat password - repeat user password
    • Additional info - fill in a custom field, created using Additional fields functionality, with corresponding information
    • Display infoboxes - move the slider to the right to display guidance infoboxes for the user.

    • Click Next.


    Step 2 of 4

    • User role - select the user role for this user.
    • User group - assign a user to the user group by selecting the required user group from the drop-down box.
    • Click Next.

    Step 3 of 4

    • Assign a user to the bucket by selecting the required bucket from the drop-down box. 
    • Click Next.

    Step 4

    • Specify Auto-suspending options if any. You can configure the system to suspend a user at a definite time or in several hours after creation.


  4. Click the Save button to finish.

User Additional Fields


User Additional Fields allow administrators to create custom fields and use them with the API or a third party system. The custom fields are stored and edited in the user profile.

As an administrator, you can create additional field via Users menu. Then when going to a particular user profile, you can use the additional fields as a complementary information. For more info refer to the Create user section of this guide.

  • The User additional fields permissions control the ability to create/edit/delete user additional fields.
  • The Update any user permission controls the ability to assign an additional field for a particular user when creating a new user.

For more information about permissions refer to the List of all OnApp Permissions section of this guide.

To add a new Additional Field:

  1. Log in to the Control Panel as an Admin.
  2. Go to the Admin > Users menu.
  3. On the screen that appears, click the User Additional Fields button at the bottom of the list.
  4. Click the Create Additional Field at the bottom of the list.
  5. Fill in the form that appears. You can choose the string/integer data type, and set the Default Value that will be displayed if a user hasn't specified data for this field, or if they have entered information that doesn't match the data type.
  6. Click the Create New Field button to finish.

To edit or delete an additional field:

  1. Click the Edit icon next to an additional field to change its details.
  2. Click the Delete icon next to an additional field to delete it.


Manage User Payments


To view, add and edit payments for a user:

  1. Go to your Control Panel Admin > Users menu.
  2. Click the name of the required user.
  3. On the screen that appears, click Payments tab.
  4. Click the Edit icon to change details of a specific payment.
  5. Click the Create Payment button at the end of the list to add a new payment.

Also you can add payments at Control Panel > Payments menu. For more information refer to the Create and Manage Payments section of this guide.


View User Statistics


The system has a record of all the billing statistics on a user account for the last three months. If the account was created less than three months ago, statistics are generated for the actual period. You can also define a shorter period by setting Start and End time. 
To view billing statistics for an account:

  1. Go to your Control Panel Admin > Users menu.
  2. You'll see a list of all user accounts in your cloud. Click a name of the appropriate user.
  3. Go to Billing Details and click the User Statistic button.

  4. You can filter the statistics by date and time - select the time period from the drop-down menu and click the Apply button. By default the statistics is generated for the last day. The statistics for each resource is divided into the Costs and Free amount. The Costs of resources do not take into consideration the free limits for resources set in the bucket. The Free amount displays the cost of components within the bucket's free limits for each resource. The Free amount is subtracted from the total cost of a resource. You can see the statistics for the following resources:

    • Backups - the price for the number of backups taken by the user during the chosen period on the compute resource. 
    • Templates - the price for the templates made by the user during the chosen period.
    • ISOs - the price for the number of ISO images uploaded by the user during the chosen period.
    • Templates, ISOs & Backups Storage - the price for the disk space taken by the templates, ISOs, and backups on the compute resource. For backups and templates, applies if you use compute resources for disk-related actions. If there is a backup server in the cloud, Backup Zones Backup Disk Size Cost and Template Disk Size Cost will apply. 
    • Backup Zones Backups - the price for the number of backups of the backup zones taken during the selected period. Applies if backup servers are used for disk-related actions. Otherwise Backups cost record will apply.
    • Backup Zones Backup Disk Size - the price for the disk size taken by backups on the backup servers during the predefined period. Applies if backup servers are used for disk-related actions, otherwise, Templates, ISOs & Backups Storage Costs record will apply. 
    • Backup Zones Templates Count - the price for the number of templates of the backup zones made during the chosen period. 
    • Backup Zones Template Disk - the price for the disk size taken by templates stored on the backup zones during the predefined period. 
    • Recovery Points - the price for the number of recovery points created by means of a backup plugin
    • Recovery Points Size - the price for the size in Gb occupied by recovery points. 
    • Autoscaling monitor - the price for using the autoscaling monitor during the selected period.
    • Acceleration - the price for the number of accelerated VSs for the selected period.
    • OVAs count - the price for the number of OVAs uploaded by the user during the selected period.
    • OVAs size - the price for the disk size taken by OVA files stored on the backup server during the predefined period.
    • Virtual Servers - the total due for all the VSs minus Backups/Templates Cost (if any) for the predefined period.
    • Total User Resources Costs 
      • User Resources Cost - the price for all the resources, except for virtual servers, consumed by the user during the selected period. This price can include costs of the following resources: 

        • Disk size

        • Data read/written

        • Input/Output requests

        • Port speed

        • Data received

        • Data sent

      • User Resources Free Amount - the price of free limits that will be subtracted from the User Resources Cost. 

      • Monthly Free Amount - the price of all free limits per month for the selected period.

        If the selected period contains several calendar months, for example 10th of February - 10th of March, the Monthly Free Amount will be displayed for both months and the Total Cost will be reduced by the monthly free amount. 


    • Total Cost - the total price for the selected period of time that includes the User Resources Cost and Virtual Servers Cost. 
      • Total Free Amount - the total price of free limits both per hour and per month that will be subtracted from the Total Cost. 
      • Total Cost with Discount - the total price of used resources that excludes the cost of the resources that were created within the bucket's free limits.
      User Statistics
      • Virtual Server - the list of virtual servers owned by the user
      • Total - the total due for a virtual server, including the price for the virtual server itself and all User Resources Cost. The prices in this section do not take into consideration the free limits for resources set in the bucket. 


User Whitelist IPs


Whitelist IP addresses are IPs from which a particular user can access the OnApp control panel. If whitelisted IP addresses are specified for a particular user, the user can only access CP from that defined IP addresses.

To add a whitelist IP address:

  1. Go to your Control Panel > Admin > Users menu.
  2. Click the name of the required user. You will see the User Profile page.
  3. Click the Create White List tab.
  4. On the page that appears, click Create White List IP button.
  5. Fill in the form that appears:
    • IP - an IP you wish to enter to the white list.
    • Description - any description (this may be a reason why you entered an IP to the list, etc.)
  6. Click Save IP.
  7. Repeat steps 4-6 if you need to add more IPs to the white list.

To edit/delete a whitelisted IP address, click the Actions button next to the required IP address, and then choose the required action.


Log in as User


Administrators can log in as a user to see their view of the cloud. To do so:

  1. Go to your Control Panel > Admin > Users menu. You'll see a list of all user accounts in your cloud.
  2. Click Actions next to the user you'd like to log in as and click Login as.
  3. Your screen will be updated and you will be be logged in as the selected user.
  • You cannot log in as a user whose account is locked. First, unlock the account and then login as the user.
  • To return to your original view of the cloud, click the Back to Admin Area link at the top of the screen.



Edit User


To edit a user account:

  1. Go to your Control Panel > Admin > Users menu. You'll see a list of all user accounts in your cloud.
  2. Click the Edit icon next to the user you want to edit.
  3. Change their details as required on the screen that appears:
    • Move the Use Gravatar slider to the right to use the gravatar image.
    • Login name - provide user login name. It can consist of 2-40 characters, letters [A-Za-z], digits [0-9], dash [ - ], lower dash [ _ ], [@]. You can use both lower- and uppercase letters.
    • First name - specify user first name. It can consist of any 1-20 characters.
    • Last name - specify user last name. It can consist of any 1-20 characters.
    • Email address - specify user email.
    • Time zone - select the required time zone from the drop-down box.
    • Locale - specify user locale settings by selecting the appropriate locale from the drop-down box (see Locales section for details).
    • System theme - specify the desired theme for the user CP look and feel.By default, the global cloud settings are applied.
    • Password - specify user password and confirm it. The password can consist of 6-40 characters and must meet the password complexity requirements.
    • Repeat password - repeat user password
    • Display infoboxes - move the slider to the right to display guidance infoboxes for the user.
    • Bucket - select the required bucket from the drop-down box.
    • User roles -  select the user role for this user.
    • User group - assign the user to the user group by selecting the required user group from the drop-down box.
    • Auto suspending - edit the auto-suspending options.
  4. Click the Save button to finish.

Add SSH Key


To add an SSH key to a user profile:

  1. Go to your Control Panel > Admin > Users menu.
  2. Click the Edit icon next to the required user.
  3. Click the SSH Key button.
  4. On the pop-up screen you can add a new key, and edit/delete a key.

The SSH key will be automatically assigned to all VSs the user creates. 
To assign keys to existing VSs, go to the VS Overview > Properties menu.


Delete User


Completely deleting a user from the system is a two-step process.

Step 1. Deleting users and their resources

To delete a user:

  1. Go to your Control Panel > AdminUsers menu. You'll see a list of all user accounts in your cloud.

  2. Click the Actions icon next to the user you want to remove, then choose Delete. A confirmation window with the warning that all resources associated with the user will be removed as well will appear. Click the Confirm button. The additional window pops up with the requirement to enter the admin password. Enter the password and click Confirm.

    To enable confirmation of user deletion by means of password go to Control Panel's Settings menu > Configuration > Defaults tab and move the Enable password protection on user deleting slider to the right. Otherwise, the password protection will be disabled by default.

After this process all user's resources will be deleted, however, the user and their statistics will remain in the cloud. Recipes that run on other user's resources are not deleted after their owners are removed. These recipes can be accessed via Recipes > Unowned recipes menu. User with global permissions can become an owner of any of the unowned recipes by choosing Actions > Become an owner.

Step 2. Erasing the user

The deleted user will appear in the users list with the deleted status. The cloud administrator can completely erase the user from the cloud by performing the following procedure:

  1. Go to your Control Panel's Users menu. You'll see a list of all user accounts in your cloud. Click the Show Deleted button to see the list of deleted users.
  2. Click the Actions icon next to the user you want to delete, then choose Erase. You'll be asked for confirmation before the user is erased.

Suspend and Activate Users


Please note that suspending a user results in powering off (suspending) all one's active virtual servers.

Suspending a user account makes it inactive, but still present on the system. A suspended user will not be able to log into the Control Panel. To suspend an account:

  1. Go to your Control Panel's Users menu. You'll see a list of all user accounts in your cloud.
  2. Click the Suspend icon next to the user you want to suspend. You'll be asked for confirmation before the user is suspended.
  3. To activate a suspended user, click the Activate user button next to their entry in the Users menu.
You can also set a user to auto-suspend at a certain time/date on the user's Edit Profile screen (Users > [user name] > Edit Profile tab).

View User Backups


Backups in OnApp clouds are associated with a user account. To view backups of a particular user:

  1. Go to your Control Panel's Users menu.
  2. You'll see a list of all user accounts in your cloud. Click the name of a required user.
  3. On the User Details screen, click Backups tab.
  4. On the screen that appears, you'll see the list of backups that belong to this user along with their details:
    • date when the backup was taken
    • target
    • status
    • backup size
    • initiated
    • backup server
    • note
    • virtual server
    • customer

To move to the VS backups page, delete a backup or convert it to a template, click the Actions button next to template and then select the required action.


Unlock User


To unlock the user:

  1. Go to your Control Panel's Users menu. You'll see a list of all user accounts in your cloud.
  2. Click the Actions button next to the locked user, then click the Unlock Account button.