...
From the browser: JSPUI
TBS
From the command line
The user
command
The dspace user
command adds, lists, modifies, and deletes EPerson records.
To create a new user account:
Code Block |
---|
|
[dspace]/bin/dspace user --add --email jquser@example.com -g John -s User --password hiddensecret
[dspace]/bin/dspace user --add --netid jquser --telephone 555-555-1234 --password hiddensecret |
...
-a | --add | required |
-m | --email | email address |
-n | --netid | "netid" (a username in an external system such as a directory – see Authentication Methods for details) |
-p | --password | a password for the account. Required. |
-g | --givenname | First or given name |
-s | --surname | Last or surname |
-t | --telephone | Telephone number |
-l | --language | Preferred language |
-c | --requireCertificate | Certificate required? See X.509 Authentication for details. |
To list accounts:
Code Block |
---|
|
[dspace]/bin/dspace user --list |
...
short | long | meaning |
---|
-L | --list | required |
To modify an account:
Code Block |
---|
|
[dspace]/bin/dspace user --modify -m george@example.com |
short | long | meaning |
---|
-M | --modify | required |
-m | --email | identify the account by email address |
-n | --netid | identify the account by netid |
-g | --givenname | First or given name |
-s | --surname | Last or surname |
-t | --telephone | telephone number |
-l | --language | preferred language |
-c | --requireCertificate | certificate required? |
-C | --canLogIn | is the account enabled or disabled? |
-i | --newEmail | set or change email address |
-I | --newNetid | set or change netid |
To delete an account:
Code Block |
---|
|
[dspace]/bin/dspace user --delete -n martha |
short | long | meaning |
---|
-d | --delete | required |
-m | --email | identify the account by email address |
-n | --netid | identify the account by netid |
The Groomer
This tool inspects all user accounts for several conditions.
short | long | meaning |
---|
-a | --aging | find accounts not logged in since a given date |
-u | --unsalted | find accounts not using salted password hashes |
-b | --before | date cutoff for --aging |
-d | --delete | delete disused accounts (used with --aging) |
Find accounts with unsalted passwords
Earlier versions of DSpace used an "unsalted hash" method to protect user passwords. Recent versions use a salted hash. You can find accounts which have never been converted to salted hashing:
Code Block |
---|
language | bash |
---|
title | Discovering accounts with unsalted password hashes |
---|
|
[DSpace]/bin/dsrun org.dspace.eperson.Groomer -u |
The output is a list of email addresses for matching accounts.
Find (and perhaps delete) disused accounts
You can list accounts which have not logged on since a given date:
Code Block |
---|
language | bash |
---|
title | Discovering disused accounts |
---|
|
[DSpace]/bin/dsrun org.dspace.eperson.Groomer -a -b 07/20/1969 |
The output is a tab-separated-value table of the EPerson ID, last login date, email address, netid, and full name for each matching account.
You can also have the tool delete matching accounts:
Code Block |
---|
language | bash |
---|
title | Deleting disused accounts |
---|
|
[DSpace]/bin/dsrun org.dspace.eperson.Groomer -a -b 07/20/1969 -d |