Create and Administer Local Users
This section describes how to create a local user in the AppDynamics Controller UI. You use this procedure to create users if you are not using an external provider, such as LDAP or SAML.
To Create an AppDynamics User
- As an administrator in the Controller UI, click Settings -> Administration.
- Click the Users tab.
- Click the Create New User button.
- Enter the information for the following fields:
- New Password
- Repeat New Password
The username and password fields do not accept the "@" symbol. Also, while the UI does not prevent you from using them, do not use spaces, tabs or these special characters in usernames of accounts that will be used to access the REST API:
& @ : \ / " [ ] | < > + = ; , ? * '
The REST API cannot authenticate user credentials that include these characters.
- Choose at least one role for the new user.
If you do not choose a role before saving, a warning message appears in the UI. You can assign the user to a role later, but the user will not be able to use any features in the UI until assigned a role.
- Optionally, choose a group for the user.
- Click Save.
To Assign a User to a Group
After creating a user, you can assign the user to a group.
- From the user list in the Users tab of the Administration page, select the user whom you want to assign to one or more groups. You can enter a string in the filter field to locate a specific user.
- From the Groups list, check the Member check boxes of the groups to which you want to assign the selected user. Note that:
- You can enter a string in the filter field to locate a specific group.
- Click Select All to check all the groups and Unselect All to uncheck all the groups.
- A single user can be assigned to multiple groups.
- Click Save.
You can also assign users to a group from the Groups tab. See Configure Groups.
To Assign a Role to a User
- In the left panel, select the user to which you want to assign one or more roles. You can enter a string in the filter field to locate a specific user.
- In the Roles list in the right panel, check the Member checkboxes of the roles that you want to assign to the selected user. Note that:
- You can enter a string in the filter field to locate a specific role.
- Click Select All to check all the roles and Unselect All to uncheck all the roles.
- A single user can be assigned multiple roles.
- Click Save.
You can also assign roles to a user from the Roles tab.
Warning: Do not remove yourself from all groups or from all roles. Also, if the only roles of which you are a member are custom roles, do not delete those custom roles or remove permissions from them. Doing these things can result in your being locked out of AppDynamics with no permissions at all. If this happens, contact AppDynamics Support.
To Modify a User's Settings
- In the User list in the left panel, select the user to modify.
- Click the Edit icon.
- Enter the new username or name in the fields in the right panel.
- To change the password, click Change Password and then enter the new password values in the Password and Repeat Password fields in the right panel.
- Click Save.
To Delete a User
- In the User list in the left panel, select the user to delete.
- Click Delete.
To Duplicate a User
- In the User list in the left panel, select the user to duplicate.
- Click the Duplicate User icon.
- Enter a new name and password for the duplicated user.
The new user gets the groups and roles of the user from which the user was copied.
Require Strong Passwords
New in 3.9.3 As an account administrator, you can require local users (those authenticated by AppDynamics) to use strong passwords.
By default, strong password requirements are not enforced, which means that users can configure passwords of any length or complexity. With the requirement enabled, passwords must meet the complexity requirements listed in the Controller UI, which include having at least eight characters, containing both upper and lower case letters, and more.
To enforce strong password requirements, select the Require Strong Passwords check box in the Authentication Provider tab of the Settings -> Administration page.
Passwords set by users after you enable this requirement must meet the requirements listed in the UI. Enabling the option does not affect passwords that are already set.