Managing Local Users

  • Updated on Jan 31, 2026
  • Published on Jan 27, 2026
  • 4 minute(s) read
Prev Next

You can manage users and groups in local providers on the VAST cluster, without the need to connect an external authentication and authorization provider, such as Active Directory or LDAP. You can create multiple local providers and associate each provider with one or more tenants. Local providers are useful for:

  • Adding users when you do not have an external provider configured.

  • Adding POSIX attributes for a user who is defined on Active Directory without POSIX attributes. In this case, use the same user name as is used on Active Directory so that the user database will associate these attributes to the same user.

  • Adding users to manually override incorrect or outdated POSIX attributes on external providers.

In case of any conflict between user POSIX attributes on any external authorization provider and the local provider, the local provider attributes override the external provider. For more details, see Overview of User Management and Authorization.Overview of User Management and Authorization

Note

Local provider user entries are not included in S3 backup.Overview of Backup to S3

Creating a Local User in VAST Web UI

  1. From the left navigation menu, choose User Management and then Local Users.

  2. In the Local Users tab, click Create Local User and complete the following fields:

    Name (required)

    The user name.

    UID

    The user's POSIX UID.

    Local Provider (required)

    Select the local provider with which the user will be associated. If additional providers are created (in the Local Providers tab), you can select one of them.

    Leading group

    The name of the user's leading group.

    This is the group assigned by default as the owning group of any files created by the user.

    Select the group from the dropdown. If the group has not been added to the local provider, add the group first.

    Groups

    Names of other groups that the user belongs to beside the leading group. Also known as auxiliary groups.

    Select groups from the dropdown. If a group has not been added to the local provider, add the group first.

    Select tenant to see  user details

    Select a tenant from the list. Tenants associated with the selected local provider (if any) are shown, as well as the default tenant.

    Temporary password and Generate Password

    Enter a temporary password for the user, or click Generate Password to have it generated.

    The password is needed if the local user is required to login to VMS. The password can be any string matching the password requirements set in VMS settings. The user will be required to change the password when they first login using it. If the user has access to multiple tenants, the same password is used to log in to all of them.

    Allow Create Bucket

    Enable this setting to give the user permission to create S3 buckets. The setting will apply to the user for the selected Tenant (it could be set differently for the same user in a different tenant).

    Disabled by default.

    See Managing User S3 Permissions.

    Allow Delete Bucket

    Enable this setting to give the user permission to delete S3 buckets. The setting will apply to the user for the selected Tenant (it could be set differently for the same user in a different tenant).

    Disabled by default.

    See Managing User S3 Permissions.

    Identity Policies

    Optionally, select one or more S3 identity policies to assign to the user. If needed, click Add Identity Policy to  create a policy first. The list of policies shown are for the selected tenant, if a tenant is associated with the provider.Managing Identity PoliciesCreating Identity Policies

  3. Click Create. The user is created. Once the user is created, you can update it and add S3 access keys to it. Follow the steps in Modifying a User in VAST Web UI.

Modifying a User in VAST Web UI

  1. From the left navigation menu, select User Management and then Local Users.

  2. In the Local Users page that opens, right-click the user, and select Edit.

  3. In the Update User dialog that opens, make the changes you need and click Update, including adding S3 access keys.

    The user is updated with the changes.

Removing a User in VAST Web UI

  1. From the left navigation menu, choose User Management and then Local Users.

  2. In the Local Users page that opens, right-click the user that you want to edit and select Remove.

  3. In the confirmation popup, click Yes to confirm the removal.

    The user is deleted from the local provider.

Querying a Local User in VAST Web UI

See Querying Users or Groups.

Managing Local Users in VAST CLI

To manage local users using the VAST CLI, use the following commands:

Task

Command

Add a user

user add

Modify a user

user modify

Query local users

user query

Display all local users

user list

Display details of a specific local user

user show

Query a user by prefix

user query-by-prefix

Copy users from the default provider to another local provider

user copy

Related articles
  • Managing Local Users
    VAST Cluster > Version 5.3 > VAST Cluster 5.3 Administrator's Guide > Managing Users > Local Providers
  • Managing Local Users
    VAST Cluster > Version 5.4 > VAST Cluster 5.4 Tenant Administrator's Guide > Managing Users
  • Managing Local Users
    VAST Cluster > Version 5.3 > VAST Cluster 5.3 Tenant Administrator’s Guide > Managing Users