lscurrentuser

Use the lscurrentuser command to display information for the logged-in user.

Syntax

Read syntax diagramSkip visual syntax diagram lscurrentuser

Parameters

-delim delimiter
(Optional) Specify a delimiter to separate data in the output.
-nohdr
(Optional) Suppress the headings in the output.

Description

When two person integrity (TPI) is enabled, you belong to a security administrator user group, and you run the lscurrentuser command, the following information is displayed:
  • If you don't have an active role elevation request, the role shows Restricted Security Administrator.
  • If you have an active role elevation request, the role shows Security Administrator.

If TPI is not enabled, or it TPI is enabled but you don't belong to the security administrator user group, then the role always matches the user role of the user group.

The Restricted Security Administrator role has access to everything Administrator role has. In addition it allows access to these commands:
  • chuser
  • mkuser
  • rmuser
  • chusergrp
  • mkusergrp
  • rmusergrp
with some restrictions. For example, Restricted Security Administrator role cannot manipulate users or user groups that pertain to Security Administrator role.

The following attribute values can be displayed in the output:

Table 1. lscurrentuser output
Attribute Description
name Indicates the name of the current user.
role Indicates the role of the current user.
owner_id Indicates the ownership group ID of the current user.
owner_name Indicates the ownership group name of the current user.
password_expiry_time Indicates the time when the password expires for the current user.
multi_factor Indicates whether the user currently logged in is a member of a user group with multi-factor authentication enabled. Value can be yes or no.
password_sshkey_required Indicates whether the users currently logged in is a member of a user group with password and SSH key required. Value can be yes or no.
gui_disabled Indicates whether the users currently logged in is a member of a user group with GUI access disabled. Value can be yes or no.
cli_disabled Indicates whether the users currently logged in is a member of a user group with CLI access disabled. Value can be yes or no.
rest_disabled Indicates whether the users currently logged in is a member of a user group with REST-API access disabled. Value can be yes or no.
cim_disabled (Deprecated) CIMOM is disabled and cannot be re-enabled.