Local providers let you manage users and groups on the VAST cluster without the need to connect an external authentication and authorization provider, such as Active Directory or LDAP. You can create multiple local providers and associate each provider with one or more tenants. Local providers are useful for:
Adding users when you do not have an external provider configured.
Adding POSIX attributes for a user who is defined in Active Directory without POSIX attributes. In this case, use the same user name as in Active Directory so that the user database associates these attributes with the same user.
Adding users to manually override incorrect or outdated POSIX attributes on external providers.
If a user's POSIX attributes on an external authorization provider conflict with those on the local provider, the local provider's attributes override those of the non-local provider. For more details, see Overview of User Management and Authorization.
Note
Local provider user entries are not included in S3 backup.
Creating a Local User in VAST Web UI
From the left navigation menu, choose User Management and then Users.
In the Users page that opens, click Create User and complete the following fields:
Name (required)
The user name.
UID (required)
The user's POSIX UID.
Notice
This field is required starting with VAST Cluster 5.3.2. When using a version prior to version 5.3.2, this field is optional.
Local Provider (required)
Select the local provider with which the user will be associated. If additional providers are created (in the Local Providers tab), you can select one of them.
Leading group
The name of the user's leading group.
This is the group assigned by default as the owning group of any files created by the user.
Select the group from the dropdown. If the group has not been added to the local provider, add the group first.
Groups
Names of other groups that the user belongs to besides the leading group. Also known as auxiliary groups.
Select groups from the dropdown. If a group has not been added to the local provider, add the group first.
Select tenant to see user details
Select a tenant from the list. Tenants associated with the selected local provider (if any) are shown, as well as the default tenant.
Allow Create Bucket
Enable this setting to give the user permission to create S3 buckets.
The setting will apply to the user for the selected Tenant (it could be set differently for the same user in a different tenant).
Disabled by default.
Allow Delete Bucket
Enable this setting to give the user permission to delete S3 buckets.
The setting will apply to the user for the selected Tenant (it could be set differently for the same user in a different tenant).
Disabled by default.
Identity Policies
Optionally, select one or more S3 identity policies to assign to the user. If needed, click Add Identity Policy to create a policy first.
The policies listed are those for the selected tenant, if a tenant is associated with the provider.
Click Create. The user is created. Once the user is created, you can update it and add S3 access keys to it. Follow the steps in Modifying a User in VAST Web UI.
Modifying a User in VAST Web UI
From the left navigation menu, choose User Management and then Users.
In the Users page that opens, right-click the user, and select Edit.
In the Update User dialog that opens, make the changes you need, including adding S3 access keys, and click Update.
The user is updated with the changes.
Removing a User in VAST Web UI
From the left navigation menu, choose User Management and then Users.
In the Users page that opens, right-click the user that you want to remove and select Remove.
In the confirmation popup, click Yes to confirm the removal.
The user is deleted from the local provider.
Querying a Local User in VAST Web UI
See Querying Users.
Managing Local Users via VAST CLI
To manage local users using the VAST CLI, use the following commands:
| Task | Command |
|---|---|
| Add a user | |
| Modify a user | |
| Query local users | |
| Display all local users | |
| Display details of a specific local user | user show |
| Query a user by prefix | |
| Copy users from the default provider to another local provider | user copy |