<div dir="ltr">Gunnar<br>I tested and found that this problem is only seen when we don't assign privilege to user after creating using IPMItool. See below steps for more details. <br> <br>Step to hit the problem and fix it up.<br>1. Create IPMI user using below command<br> ipmitool -I lanplus -H <BMC_IP> -U root -P 0penBmc user set name 2 user_ipmi<br><br>2. Login to GUI and navigate to user account page(here you will see no user exist message in GUI's user page)<br><br>3. Now assign any privilege to user using below command<br> ipmitool -I lanplus -H <BMC_IP> -U root -P 0penBmc channel setaccess 1 2 privilege=2<br> <br>4. Now refresh the GUI user page(here you will see that all users are visible now).<div><br></div><div>This problem is not with Redfish as we are able to see all users after creating user using IPMI without any permission. So this seem like a problem which need to be fixed from GUI side.<br><div><br></div><div>$ curl -k -H "X-Auth-Token: $bmc_token" -X GET https://${BMC_IP}/redfish/v1/AccountService/Accounts/<br>{<br> "@odata.context": "/redfish/v1/$metadata#ManagerAccountCollection.ManagerAccountCollection",<br> "@<a href="http://odata.id">odata.id</a>": "/redfish/v1/AccountService/Accounts",<br> "@odata.type": "#ManagerAccountCollection.ManagerAccountCollection",<br> "Description": "BMC User Accounts",<br> "Members": [<br> {<br> "@<a href="http://odata.id">odata.id</a>": "/redfish/v1/AccountService/Accounts/user_ipmi"<br> },<br> {<br> "@<a href="http://odata.id">odata.id</a>": "/redfish/v1/AccountService/Accounts/root"<br> }<br> ],<br> "Members@odata.count": 2,<br> "Name": "Accounts Collection"<br></div><div><br></div><div>Thanks</div><div>Rahul</div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Sep 26, 2019 at 3:13 AM Gunnar Mills <<a href="mailto:gmills@linux.vnet.ibm.com">gmills@linux.vnet.ibm.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF">
<p><br>
</p>
<div>On 9/25/2019 5:20 AM, rgrs wrote:<br>
</div>
<blockquote type="cite">
<div><br>
</div>
<div>Is there any difference in user management from WebUI and
ipmitool?<br>
</div>
<div>When I add user via WebUI, a user is created and deleted
immediately. Not sure why.<br>
</div>
</blockquote>
<p>The WebUI uses the Redfish API to create/update/delete users. <br>
<a href="https://github.com/openbmc/phosphor-webui/blob/418db63c77aad03fe3401c7acd9f9792fab96a68/app/common/services/api-utils.js#L616" target="_blank">https://github.com/openbmc/phosphor-webui/blob/418db63c77aad03fe3401c7acd9f9792fab96a68/app/common/services/api-utils.js#L616</a><br>
</p>
<p> Ratan or Richard do you know what is going on here?</p>
<blockquote type="cite">
<div>When I add user via IPMItool, users are getting added but
WebUI user configuration page is blank.<br>
</div>
</blockquote>
<br>
I thought IPMI and Redfish users were treated the same in
phosphor-user-manager.<br>
<br>
What version of OpenBMC?<br>
<br>
<blockquote type="cite">
<div><br>
</div>
<div><b><u>Logs:</u></b><br>
</div>
<div><b>journalctl (User creation with WebUI):</b><br>
</div>
<div>Sep 25 09:17:52 mybmc nslcd[1127]: [200854]
<passwd="TestUser"> no available LDAP server found: Server
is unavailable: Transport endpoint is not connected<br>
</div>
<div>Sep 25 09:17:52 mybmc nslcd[1127]: [b127f8]
<passwd=1000> no available LDAP server found: Server is
unavailable: Transport endpoint is not connected<br>
</div>
<div>Sep 25 09:17:52 mybmc useradd[1816]: new user: name=TestUser,
UID=1000, GID=100, home=/home/TestUser, shell=/bin/sh<br>
</div>
<div>Sep 25 09:17:52 mybmc useradd[1816]: add 'TestUser' to group
'web'<br>
</div>
<div>Sep 25 09:17:52 mybmc useradd[1816]: add 'TestUser' to group
'redfish'<br>
</div>
<div>Sep 25 09:17:52 mybmc useradd[1816]: add 'TestUser' to group
'priv-admin'<br>
</div>
<div>Sep 25 09:17:52 mybmc useradd[1816]: add 'TestUser' to group
'ipmi'<br>
</div>
<div>Sep 25 09:17:52 mybmc useradd[1816]: add 'TestUser' to shadow
group 'web'<br>
</div>
<div>Sep 25 09:17:52 mybmc useradd[1816]: add 'TestUser' to shadow
group 'redfish'<br>
</div>
<div>Sep 25 09:17:52 mybmc useradd[1816]: add 'TestUser' to shadow
group 'priv-admin'<br>
</div>
<div>Sep 25 09:17:52 mybmc useradd[1816]: add 'TestUser' to shadow
group 'ipmi'<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitored file
`/etc/passwd` was written to<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitored file
`/etc/passwd` was moved into place, adding watch<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitored file
`/etc/group` was written to<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitored file
`/etc/group` was moved into place, adding watch<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitoring file
`/etc/passwd` (27)<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitoring directory
`/etc` (2)<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitoring file
`/etc/group` (28)<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitoring directory
`/etc` (2)<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitoring file
`/etc/passwd` (27)<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitoring directory
`/etc` (2)<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitoring file
`/etc/group` (28)<br>
</div>
<div>Sep 25 09:17:52 mybmc nscd[1092]: 1092 monitoring directory
`/etc` (2)<br>
</div>
<div>Sep 25 09:17:52 mybmc phosphor-user-manager[1119]: User
created successfully<br>
</div>
<div>Sep 25 09:17:53 mybmc userdel[1822]: delete user 'TestUser'<br>
</div>
<div>Sep 25 09:17:53 mybmc userdel[1822]: delete 'TestUser' from
group 'web'<br>
</div>
<div>Sep 25 09:17:53 mybmc userdel[1822]: delete 'TestUser' from
group 'redfish'<br>
</div>
<div>Sep 25 09:17:53 mybmc userdel[1822]: delete 'TestUser' from
group 'priv-admin'<br>
</div>
<div>Sep 25 09:17:53 mybmc userdel[1822]: delete 'TestUser' from
group 'ipmi'<br>
</div>
<div>Sep 25 09:17:53 mybmc userdel[1822]: delete 'TestUser' from
shadow group 'web'<br>
</div>
<div>Sep 25 09:17:53 mybmc userdel[1822]: delete 'TestUser' from
shadow group 'redfish'<br>
</div>
<div>Sep 25 09:17:53 mybmc userdel[1822]: delete 'TestUser' from
shadow group 'priv-admin'<br>
</div>
<div>Sep 25 09:17:53 mybmc userdel[1822]: delete 'TestUser' from
shadow group 'ipmi'<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitored file
`/etc/passwd` was written to<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitored file
`/etc/passwd` was moved into place, adding watch<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitored file
`/etc/group` was written to<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitored file
`/etc/group` was moved into place, adding watch<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitoring file
`/etc/passwd` (29)<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitoring directory
`/etc` (2)<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitoring file
`/etc/group` (30)<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitoring directory
`/etc` (2)<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitoring file
`/etc/passwd` (29)<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitoring directory
`/etc` (2)<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitoring file
`/etc/group` (30)<br>
</div>
<div>Sep 25 09:17:53 mybmc nscd[1092]: 1092 monitoring directory
`/etc` (2)<br>
</div>
<div>Sep 25 09:17:53 mybmc phosphor-user-manager[1119]: User
deleted successfully<br>
</div>
<div><br>
</div>
</blockquote>
</div>
</blockquote></div>