User Accounts

A valid account is required for access to NSX Advanced Load Balancer through the UI, REST API, or CLI. User accounts can be maintained locally in NSX Advanced Load Balancer or remotely on an authentication, authorization, and accounting (AAA) server.

Notes:

  • To configure or manage user accounts in NSX Advanced Load Balancer, you need a user account with write access to the Accounts section of NSX Advanced Load Balancer. This is defined by the role assigned to the user account.
  • The admin user account is a unique account used for initial setup of Avi Vantage. This account cannot be deleted.

User Account Table

To view the user accounts that are in the local user database, navigate to Administration > Accounts > Users.

user-account-table

For each local user account, the following information is listed:

  • Username – The account name used to log into Avi Vantage through its management interfaces: Avi UI, REST API, or CLI.
  • Status – Status of the user account.
  • Full Name – Full name of the user.
  • Email – Email address of the user.
  • Tenant (Role) – Access settings (write, read, or no access) for each type of resource within Avi Vantage.
  • Last Signed In – System time on the Avi Controller when the user most recently logged in.

Note: Starting with NSX Advanced Load Balancer 22.1.3, the User Account Table UI is enhanced and appears as shown below:

User Account Table

User Account Management

NSX Advanced Load Balancer user accounts having write access to the Accounts section of the application can manage the operations for the user account.

Click the required user account to select it and click the required button from the following:

User Account Table

  • Delete – Removes the selected user accounts from Avi Vantage.
  • Suspend – Deactivates the selected user accounts. A suspended user cannot access Avi Vantage through any of its management interfaces. When the user attempts to log into Avi Vantage, a notice is displayed to inform them of the account suspension, and access is denied.
  • Active – Re-activates the selected user accounts.

Create a User Account

To create a user account in NSX Advanced Load Balancer version 22.1.3 and later,

  1. Navigate to Administration > Accounts > Users, and click Create.
  2. Select the User Status as required.
  3. Enter the Name.
  4. Enter a Username to be used when signing in to NSX Advanced Load Balancer, such as jdoe or jdoe@avinetworks.com.
  5. Enter a case-sensitive Password. Alternatively, you can click Generate for NSX Advanced Load Balancer to provide a random password for the new user.
  6. Enter the Email address of the user. The email address provided is used for password reset. See Password Recovery..
  7. Select a User Profile to apply attributes related to the user account. By default, there are two user profiles available:
    • Default-User-Account-Profile
    • No-Lockout-User-Account-Profile Note: Click on the vertical ellipses for the User Profile to Create a user profile or Edit an existing one. To know more, see the User Profile article.
  8. Click Add under Roles for all Tenants and select the Roles that define the areas of NSX Advanced Load Balancer to which the user account will be allowed access. For each system area, the role defines whether the user account has read, write, or no access. Avi Vantage comes with predefined roles. In addition, users who have write access to the Accounts section of Avi Vantage can customize the predefined roles and create new roles. See Roles.
  9. Click Add under Individual Tenants.
    1. In the CREATE INDIVIDUAL TENANT screen, select the Tenant.
    2. Click Add.
    3. Select the required Roles. Tenant Role
    4. Click Save.
  10. Select a Default Tenant for the users, if required.

The General tab of the New User screen is as shown below: New User

The Tenant & Role tab of the New User screen is as shown below: New User

  1. Click Save.

User account creation in NSX Advanced Load Balancer prior to version 22.1.3 appears as follows:

new-user-appadmin