The User Management of the WSO2 Carbon facilitates the management
and control of user accounts and user roles at different levels. The user store of Carbon
products can be configured to operate in either one of the following modes. And the functionality depend on it.
Modes of operation
User store operates in read/write mode - In "Read/Write" mode WSO2 Carbon read/write into the user store.
User store operates in read only mode - In "Read Only" mode WSO2 Carbon guarantees that it does not modify any data in the user store. WSO2 Carbon maintains roles and permissions in the Carbon database but it can read users/roles from the configured user store.
Figure 1: User Management
If the user store is operating in read/write mode you can,
Add, modify or remove user accounts
Reset passwords of users
Manage roles of users
Bulk import users from other user stores - bulk import of users is only supported with JDBC user store.
This is not supported with the ldap user store which is the current default user store of carbon.
If you want to use this feature, please change to JDBC user store in user-mgt.xml which can be found in
[carbon_home]/repository/conf.
If the user store is operating in read only mode you can,
View user accounts
User Accounts
To add a user account, click Add New User. Enter the
user name and password, and click Finish. Please note that due to the inherited
behaviour of default user store - which is embedded-ldap, user names are case insensitive in 3.2.0
based carbon products.
To reset password, i.e., to change the password of the user,
click Change Password. Enter the new password and
click Change. Please note that you cannot change the
user name of an existing user.
To delete a user account, click Delete. Please note
that you cannot delete the admin user account from the system.
Bulk Import Users
You can also import users from existing user stores in bulk. You could be managing users in a relational database or a LDAP server. You can export users in to comma separated list (*.csv file) or to an excel sheet (*.xls files) and import into WSO2 Cloud Identity at once. This carbon version supports importing users from a .csv files and Excel sheets. The process can be high lighted as follows.
Step 1 : Export users from the current user store into a .csv file or excel sheet (97/2000/XP versions). Refer documentation and tools available with your current user store on how to export users.
Many visual LDAP tools support exporting users in .csv format. Tools such as Apache Directory Studio, LDAP Amin Tool and Active Directory has step-by-step instructions on how to do it. Values in relational databases can also be obtained in .csv/.xls formats.
The expected format of the CSV file is as follows. The first line of the CSV file will be ignored considering it is not a username.
Figure 2 : Format of the CSV file Step 2 : Login to WSO2 Carbon based product as Organization Admin Step 3 : Click on User Management > Users > Bulk Import users Step 4 : Select the .csv/.xls file from the file browser Step 5 : Give a default password for users and click OK. All the users in .csv/.xls file will be created in WSO2 Carbon user store with the default password given by you. They will be assigned to the everyone role. Step 6 : Inform users to login and change their password within 24 hours.
The default password of the imported users is valid only for 24 hours. You as the system administrator you can resolve issues of expired passwords by login in as the Admin and changing their password available in User Management > Users page.