# Manage users using the GUI

Using the GUI, you can:

* [Manage local users](#manage-local-users)
* [Manage user directory](#manage-user-directory)

## Manage local users

Local users are created in the local system as opposed to domain users that are managed by the organization's User Directory. You can create up to 1152 local users to work with a WEKA system cluster.

![User Management: Local Users page](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2FUuWXNjUPcrwq9hIi1xT0%2Fwmng_local_users.png?alt=media\&token=c6b80165-5e51-42e9-ba68-a5e90707579c)

### Create a local user

**Procedure**

1. From the menu, select **Configure > User Management**.
2. In the Local Users tab, select **+Create**.
3. In the Create New User dialog, set the following properties:
   * **Username:** Set the user name for the local user.
   * **Password:** Set a password according to the requirements. The password must contain at least 8 characters, an uppercase letter, a lowercase letter, and a number or a special character.
   * **Confirm Password:** Type the same password again.
   * **Role:** Select the role for the local user. If you select an S3 user role, you can select the relevant S3 policy, POSIX UID, and POSIX GID.
4. Select **Save**.

![Create new user dialog](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2FZOntnjha62EoUZuc8GBQ%2Fwmng_local_users_add.png?alt=media\&token=49b9e4db-3e3e-4d27-8e48-a3623d227879)

### Edit a local user

You can modify the role of a local user, but not your own role (the signed-in user). For an S3 user, you can only modify the S3 policy, POSIX UID, and POSIX GID.

**Procedure**

1. In the Local Users tab, select the three dots of the local user you want to edit, then select **Edit User**.
2. From the Role property, select the required role. If you modify the role to S3, you can set the S3 policy, POSIX UID, and POSIX GID.
3. Select **Save**.

![Edit a local user](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2F89AWdhMOFVmjrSH9A1SD%2Fwmng_local_users_edit.png?alt=media\&token=3f6ba437-ce4b-4407-ae5d-49ffc04fbdc1)

### Change a local user password

As a Cluster Admin or Organization Admin, you can change the password of a local user and revoke the user's tokens.

**Procedure**

1. In the Local Users tab, select the three dots of the local user you want to change the password for, then select **Change Password**.
2. In the Change Password for a user dialog, set the following properties:
   * **Old password:** Set the old password.
   * **Password:** Set a new password according to the requirements.
   * **Confirm Password:** Type the same new password again.
   * **Revoke Tokens:** If the user's existing tokens are compromised, you can revoke all the user's tokens along with changing the user's password. To re-access the system, the user re-authenticates with the new password, or the user needs to obtain new tokens using the API.
3. Select **Save**.

![Change password for a local user](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2FrfkvBvi6JqkRyFAoOzSL%2Fwmng_local_users_change_psw.png?alt=media\&token=893e069c-e5de-42c2-9e49-1a6f52c16294)

### Change your own password

You can change your own password at any time.

**Procedure**

1. From the top bar, select the signed-in user, then select **Change Password**.

![Change your own password (signed-in user)](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2FyY5YaRYiRK1H541hoVcg%2Fwmng_change_your_password.png?alt=media\&token=b3a5c996-031f-4bc3-a70b-83cb99c8a28b)

2\. In the Change Password dialog set the properties as described in the [Change a local user password](#change-a-local-user-password) topic.

3\. Select **Save**.

### Revoke local user tokens

If the user's existing tokens are compromised, you can revoke all the user's tokens, regardless of changing the user's password. To re-access the system, the user re-authenticates with the new password, or the user needs to obtain new tokens using the API.

**Procedure**

1. In the Local Users tab, select the three dots of the local user you want to revoke the user tokens, then select **Revoke User Tokens**.

![Revoke a local user tokens](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2F8Xh0vHo3qhG1TrN3HRiM%2Fwmng_revoke_user_tokens_menu.png?alt=media\&token=25c76ded-1dec-4292-94af-0c2f0a234db2)

2\. In the confirmation message, select **Revoke Tokens**.

### Remove a local user

You can remove a local user that is no longer required.

**Procedure**

1. In the Local Users tab, select the three dots of the local user to remove, then select **Remove User**.

![Remove a local user](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2FCbuhcCWLHBEBW7x1LnfT%2Fwmng_remove_user_menu.png?alt=media\&token=6607aa49-e0db-4425-b3d7-56ae1cbf22ba)

2\. In the confirmation message, select **Yes**.

## Manage user directory

You can set user access to the Weka system from the organization user directory, either by LDAP directory or Active Directory.

![User directory tab](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2Frc5GRoErDlaZqkpAb0g4%2Fuser_directory_tab_no_conf.png?alt=media\&token=f8b1bd8b-4f33-47b9-bd24-30cafcddd822)

### Configure LDAP

To use LDAP directory for authenticating users, you need to configure the corresponding values in the LDAP Configuration dialog.

**Procedure**

1. From the menu, select **Configure > User Management**.
2. Select the User Directory tab.
3. Select **Configure LDAP**.
4. Set all properties according to the organization's LDAP details.
5. Select **Save**.

![Configure LDAP](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2FmYrCtubHHIQjuGFrmSes%2Fwmng_configure_ldap.png?alt=media\&token=dce513c9-93b8-4e81-91e0-17e390e7cf64)

Once the LDAP configuration completes, the User Directory tab displays the details. You can disable the LDAP configuration, update the configuration, or reset the configuration values.

![LDAP configuration](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2FyV7BqUxMI1Zvr1jAs6RJ%2Fwmng_ldap_configuration_result.png?alt=media\&token=857da89b-d3c0-4364-952a-4ea2e359db5d)

### Configure Active Directory

To use Active Directory for authenticating users, you configure the corresponding values in the Active Directory Configuration dialog.

**Procedure**

1. From the menu, select **Configure > User Management**.
2. Select the User Directory tab.
3. Select **Configure Active Directory**.
4. Set all properties according to the organization's Active Directory details.
5. Select **Save**.

![Configure Active Directory dialog](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2FydVjOBm6RwkSSaogthsC%2Fwmng_configure_active_directory.png?alt=media\&token=f8bdbb48-533d-41d6-9446-7c0c061c3c75)

Once the Active Directory configuration completes, the User Directory tab displays the details. You can disable the Active Directory configuration, update the configuration, or reset the configuration values.

![Active Directory configuration](https://1916840177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTUYL9RLgSDAkF2U90csR%2Fuploads%2FQUlG13vIwweRcCJyD9i2%2Fwmng_active_directory_dialog.png?alt=media\&token=64aa1d64-5079-4155-80a2-5e96bdae01db)