Personal tools
  • We're Hiring!

You are here: Home Documentation Previous versions OME Server System Administration User Administration

User Administration

The vast majority of people who would like to use OME -- OME experimenters -- intend to access it only via the html server or a java client. Every time experimenters connect to OME they must authenticate themselves with a user-name and password. This allows OME to store experimenter-specific settings. Access to data is restricted by its user and group ownership. See the access control documentation here.

Managing Regular Users

OME experimenter accounts and shell accounts on the OMEDS and OMEIS server(s) are disjoint. In fact, most experimenters don't need server shell accounts. Their intentions are translated from mouse clicks on the web-UI to SQL commands against OME's Postgres database using apache's Postgres account (usually www).

An OME unix admin user for OME (see next section) can add users by executing on the OME server: 

ome admin users add
Username? []: wmacur1
First Name? []: Wiktor
Last Name? []: Macura
Email Address? []: wmacur1@umbc.edu
Data Directory? []: /Users/tmacur1
Group ID? []: 3
Password?
Verify: 

Confirm New User's Properties:
      Username: wmacur1
    First Name: Wiktor
     Last Name: Macura
 Email Address: wmacur1@umbc.edu
Data Directory: /Users/tmacur1
      Group ID: 3
Are these values correct ? [y/n]: y
Created user #4.

For situations where you would like a list of existing users: 

ome admin users list
ID  GID Username Name                 Email                Data Directory      
--- --- -------- -------------------- -------------------- --------------------
1   3   tmacur1  Tomasz Macura        tmacur1@lappy-toppy. /Users/igg          
4   3   wmacur1  Wiktor Macura        wmacur1@umbc.edu     /Users/tmacur1

To change an existing user's attributes do: 

ome admin users edit
Username? [nemo]: tmacur1
First Name? [Tomasz]: 
Last Name? [Macura]: 
Email Address? [tmacura@nih.gov]: 
Data Directory? [/Images]: /Users/tmacur1
Group ID? [3]: 

Confirm User's New Properties:
      Username: tmacur1
    First Name: Tomasz
     Last Name: Macura
 Email Address: tmacura@nih.gov
Data Directory: /Users/tmacur1
      Group ID: 3
Are these values correct ? [y/n]: y

Administrative Users

Users who would like to run OME command-line scripts such as ome need server shell accounts. OME command-line scripts access OME's Postgres database by logging in as the user that executed them. Therefore OME admins also need a Postgress account. Otherwise, they get adverse responses such as: 

sudo ome admin users add
 DBI->connect(dbname=ome) failed: FATAL 1:  user "root" does not exist at ...

An OME admin account for the user who is installing OME is by default created automatically by the installer.

The OME Super User

Since access to data in the database is restricted by user and group ownership (see documentation here), a special OME user must be designated as the OME super-user. This super-user has no access control and can access any object in the database. The identity of this OME user is the experimenter set up by the installer during initial installation or update. There is presently no user interface to change this setting, but it can be set manually in the database by setting the value of the 'super_user' configuration variable to the experimenter ID of the new super-user: 

psql ome
ome=#  update configuration set value="4" where name="super_user";

This will update the OME super user to "Wiktor Macura" (using the listing of ome admin users list above as an example).

Document Actions