You must run the azf_administrator_util utility to add one or more
IBM® MFA administrator IDs.
About this task
To add one or more IBM MFA administrator IDs,
complete the following steps:
Procedure
-
Log in to the IBM MFA server system by using
SSH.
-
Change directory (cd) to /opt/IBM/MFA/bin.
-
Run the azf_administrator_util command as root with the
add parameter and provide the required access level to the user. The allowable
access is as follows:
| Access Level |
Allowed Access |
|---|
| NONE |
Nothing is allowed for the provided user ID. |
| READ |
The user ID is allowed to get entity (user, method, and policy) information. |
| ADD |
The user ID is allowed to add entity (user, method, and policy) information. |
| UPDATE |
The user ID is allowed to update entity (user, method, and policy) information. |
| DELETE |
The user ID is allowed to delete entity (user, method, and policy) information. |
| CONTROL |
Includes READ+ADD+UPDATE+DELETE entity (user, method, and policy) access. |
| SUPERADMIN |
Includes CONTROL plus the ability to edit the IBM MFA server options and restart the IBM MFA server through the GUI. |
Specify SUPERADMIN to be able to perform all IBM MFA administrative functions.
./azf_administrator_util add username SUPERADMIN
An output that is similar to the following example is
displayed:
Successfully added administrator user username with permission SUPERADMIN