When a user registers an account for the purpose of subscribing to change notices, submitting content, or the like, DSpace creates an EPerson record in the database. Administrators can manipulate these records in several ways.
...
- Login as an Administrator
- Sidemenu "Access Control" → "Groups"
- Edit the Group
- Search for the EPerson & add/remove them from that group.
To debug issues for a specific user, it's possible to login as (or "impersonate") that user account
On the backend, first you MUST enable the "assumelogin" feature. This feature is disabled by default. Update this setting in your local.cfg or dspace.cfg
Code Block |
---|
# Required to use "Impersonate EPerson" feature
# When enabled, a full Administrator can impersonate any other non-Administrative user
webui.user.assumelogin = true |
- Then, from the user interface, login as an Administrator
- Sidemenu "Access Control" → "People"
- Browse or search for the account you wish to login as
- Edit that User, and click the "Impersonate EPerson" button.
- You are now logged in as that user. You'll see an Impersonate icon/button in the header.
- You are able to temporarily manage any activities as that user.
- Once your are done, click the "Stop impersonating EPerson".
- Optionally, you may wish to disable this feature again in your local.cfg by setting the above configuration to "false" or commenting it out.
From the command line
The user
command
...
short | long | meaning |
---|
-M | --modify | required |
-m | --email | identify the account by email address |
-n | --netid | identify the account by netid |
-g | --givenname | First or given name |
-s | --surname | Last or surname |
-t | --telephone | telephone number |
-l | --language | preferred language |
-c | --requireCertificate | certificate required? |
-C | --canLogIn | is the account enabled or disabled? |
-i | --newEmail | set or change email address |
-I | --newNetid | set or change netid |
-w | --newPassword | set or change password |
To delete an account:
Code Block |
---|
|
[dspace]/bin/dspace user --delete -n martha |
...
Code Block |
---|
language | bash |
---|
title | Discovering accounts with unsalted password hashes |
---|
|
[DSpace]/bin/dspace dsrun org.dspace.eperson.Groomer -u |
...
Code Block |
---|
language | bash |
---|
title | Discovering disused accounts |
---|
|
[DSpace]/bin/dspace dsrun org.dspace.eperson.Groomer -a -b 07/20/1969 |
...
Code Block |
---|
language | bash |
---|
title | Deleting disused accounts |
---|
|
[DSpace]/bin/dspace dsrun org.dspace.eperson.Groomer -a -b 07/20/1969 -d |
Cryptographic properties
The cryptographic properties used for generating the salted hashes, to ensure encryption at rest for user passwords, can be found and adjusted in:
https://github.com/DSpace/DSpace/blob/main/dspace-api/src/main/java/org/dspace/eperson/PasswordHash.java