<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta http-equiv="Content-Type" content="text/html; charset=ANSI_X3.4-1968"><title>3.2. User Administration</title><link rel="stylesheet" type="text/css" href="../../style.css"><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"><meta name="keywords" content="Bugzilla, Guide, installation, FAQ, administration, integration, MySQL, Mozilla, webtools"><link rel="home" href="index.html" title="The Bugzilla Guide - 4.4.8 Release"><link rel="up" href="administration.html" title="Chapter 3. Administering Bugzilla"><link rel="prev" href="parameters.html" title="3.1. Bugzilla Configuration"><link rel="next" href="classifications.html" title="3.3. Classifications"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">3.2. User Administration</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="parameters.html">Prev</a> </td><th width="60%" align="center">Chapter 3. Administering Bugzilla</th><td width="20%" align="right"> <a accesskey="n" href="classifications.html">Next</a></td></tr></table><hr></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="useradmin"></a>3.2. User Administration</h2></div></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="defaultuser"></a>3.2.1. Creating the Default User</h3></div></div></div><p>When you first run checksetup.pl after installing Bugzilla, it will prompt you for the administrative username (email address) and password for this "super user". If for some reason you delete the "super user" account, re-running checksetup.pl will again prompt you for this username and password.</p><div class="tip" style="margin-left: 1em; margin-right: 1em"><table border="0" summary="Tip"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[Tip]" src="../images/tip.gif"></td><th align="left"></th></tr><tr><td align="left" valign="top"><p>If you wish to add more administrative users, add them to the "admin" group and, optionally, edit the tweakparams, editusers, creategroups, editcomponents, and editkeywords groups to add the entire admin group to those groups (which is the case by default). </p></td></tr></table></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="manageusers"></a>3.2.2. Managing Other Users</h3></div></div></div><div class="section"><div class="titlepage"><div><div><h4 class="title"><a name="user-account-search"></a>3.2.2.1. Searching for existing users</h4></div></div></div><p> If you have <span class="quote">“<span class="quote">editusers</span>”</span> privileges or if you are allowed to grant privileges for some groups, the <span class="quote">“<span class="quote">Users</span>”</span> link will appear in the Administration page. </p><p> The first screen is a search form to search for existing user accounts. You can run searches based either on the user ID, real name or login name (i.e. the email address, or just the first part of the email address if the "emailsuffix" parameter is set). The search can be conducted in different ways using the listbox to the right of the text entry box. You can match by case-insensitive substring (the default), regular expression, a <span class="emphasis"><em>reverse</em></span> regular expression match (which finds every user name which does NOT match the regular expression), or the exact string if you know exactly who you are looking for. The search can be restricted to users who are in a specific group. By default, the restriction is turned off. </p><p> The search returns a list of users matching your criteria. User properties can be edited by clicking the login name. The Account History of a user can be viewed by clicking the "View" link in the Account History column. The Account History displays changes that have been made to the user account, the time of the change and the user who made the change. For example, the Account History page will display details of when a user was added or removed from a group. </p></div><div class="section"><div class="titlepage"><div><div><h4 class="title"><a name="createnewusers"></a>3.2.2.2. Creating new users</h4></div></div></div><div class="section"><div class="titlepage"><div><div><h5 class="title"><a name="self-registration"></a>3.2.2.2.1. Self-registration</h5></div></div></div><p> By default, users can create their own user accounts by clicking the <span class="quote">“<span class="quote">New Account</span>”</span> link at the bottom of each page (assuming they aren't logged in as someone else already). If you want to disable this self-registration, or if you want to restrict who can create his own user account, you have to edit the <span class="quote">“<span class="quote">createemailregexp</span>”</span> parameter in the <span class="quote">“<span class="quote">Configuration</span>”</span> page, see <a class="xref" href="parameters.html" title="3.1. Bugzilla Configuration">Section 3.1, “Bugzilla Configuration”</a>. </p></div><div class="section"><div class="titlepage"><div><div><h5 class="title"><a name="user-account-creation"></a>3.2.2.2.2. Accounts created by an administrator</h5></div></div></div><p> Users with <span class="quote">“<span class="quote">editusers</span>”</span> privileges, such as administrators, can create user accounts for other users: </p><div class="orderedlist"><ol class="orderedlist" type="1"><li class="listitem"><p>After logging in, click the "Users" link at the footer of the query page, and then click "Add a new user".</p></li><li class="listitem"><p>Fill out the form presented. This page is self-explanatory. When done, click "Submit".</p><div class="note" style="margin-left: 1em; margin-right: 1em"><table border="0" summary="Note"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[Note]" src="../images/note.gif"></td><th align="left"></th></tr><tr><td align="left" valign="top"><p>Adding a user this way will <span class="emphasis"><em>not</em></span> send an email informing them of their username and password. While useful for creating dummy accounts (watchers which shuttle mail to another system, for instance, or email addresses which are a mailing list), in general it is preferable to log out and use the <span class="quote">“<span class="quote">New Account</span>”</span> button to create users, as it will pre-populate all the required fields and also notify the user of her account name and password.</p></td></tr></table></div></li></ol></div></div></div><div class="section"><div class="titlepage"><div><div><h4 class="title"><a name="modifyusers"></a>3.2.2.3. Modifying Users</h4></div></div></div><p>Once you have found your user, you can change the following fields:</p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p> <span class="emphasis"><em>Login Name</em></span>: This is generally the user's full email address. However, if you are using the <span class="quote">“<span class="quote">emailsuffix</span>”</span> parameter, this may just be the user's login name. Note that users can now change their login names themselves (to any valid email address). </p></li><li class="listitem"><p> <span class="emphasis"><em>Real Name</em></span>: The user's real name. Note that Bugzilla does not require this to create an account.</p></li><li class="listitem"><p> <span class="emphasis"><em>Password</em></span>: You can change the user's password here. Users can automatically request a new password, so you shouldn't need to do this often. If you want to disable an account, see Disable Text below. </p></li><li class="listitem"><p> <span class="emphasis"><em>Bugmail Disabled</em></span>: Mark this checkbox to disable bugmail and whinemail completely for this account. This checkbox replaces the data/nomail file which existed in older versions of Bugzilla. </p></li><li class="listitem"><p> <span class="emphasis"><em>Disable Text</em></span>: If you type anything in this box, including just a space, the user is prevented from logging in, or making any changes to bugs via the web interface. The HTML you type in this box is presented to the user when they attempt to perform these actions, and should explain why the account was disabled. </p><p> Users with disabled accounts will continue to receive mail from Bugzilla; furthermore, they will not be able to log in themselves to change their own preferences and stop it. If you want an account (disabled or active) to stop receiving mail, simply check the <span class="quote">“<span class="quote">Bugmail Disabled</span>”</span> checkbox above. </p><div class="note" style="margin-left: 1em; margin-right: 1em"><table border="0" summary="Note"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[Note]" src="../images/note.gif"></td><th align="left"></th></tr><tr><td align="left" valign="top"><p> Even users whose accounts have been disabled can still submit bugs via the e-mail gateway, if one exists. The e-mail gateway should <span class="emphasis"><em>not</em></span> be enabled for secure installations of Bugzilla. </p></td></tr></table></div><div class="warning" style="margin-left: 1em; margin-right: 1em"><table border="0" summary="Warning"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[Warning]" src="../images/warning.gif"></td><th align="left"></th></tr><tr><td align="left" valign="top"><p> Don't disable all the administrator accounts! </p></td></tr></table></div></li><li class="listitem"><p> <span class="emphasis"><em><groupname></em></span>: If you have created some groups, e.g. "securitysensitive", then checkboxes will appear here to allow you to add users to, or remove them from, these groups. The first checkbox gives the user the ability to add and remove other users as members of this group. The second checkbox adds the user himself as a member of the group. </p></li><li class="listitem"><p> <span class="emphasis"><em>canconfirm</em></span>: This field is only used if you have enabled the "unconfirmed" status. If you enable this for a user, that user can then move bugs from "Unconfirmed" to a "Confirmed" status (e.g.: "New" status).</p></li><li class="listitem"><p> <span class="emphasis"><em>creategroups</em></span>: This option will allow a user to create and destroy groups in Bugzilla.</p></li><li class="listitem"><p> <span class="emphasis"><em>editbugs</em></span>: Unless a user has this bit set, they can only edit those bugs for which they are the assignee or the reporter. Even if this option is unchecked, users can still add comments to bugs. </p></li><li class="listitem"><p> <span class="emphasis"><em>editcomponents</em></span>: This flag allows a user to create new products and components, as well as modify and destroy those that have no bugs associated with them. If a product or component has bugs associated with it, those bugs must be moved to a different product or component before Bugzilla will allow them to be destroyed. </p></li><li class="listitem"><p> <span class="emphasis"><em>editkeywords</em></span>: If you use Bugzilla's keyword functionality, enabling this feature allows a user to create and destroy keywords. As always, the keywords for existing bugs containing the keyword the user wishes to destroy must be changed before Bugzilla will allow it to die.</p></li><li class="listitem"><p> <span class="emphasis"><em>editusers</em></span>: This flag allows a user to do what you're doing right now: edit other users. This will allow those with the right to do so to remove administrator privileges from other users or grant them to themselves. Enable with care.</p></li><li class="listitem"><p> <span class="emphasis"><em>tweakparams</em></span>: This flag allows a user to change Bugzilla's Params (using <code class="filename">editparams.cgi</code>.)</p></li><li class="listitem"><p> <span class="emphasis"><em><productname></em></span>: This allows an administrator to specify the products in which a user can see bugs. If you turn on the <span class="quote">“<span class="quote">makeproductgroups</span>”</span> parameter in the Group Security Panel in the Parameters page, then Bugzilla creates one group per product (at the time you create the product), and this group has exactly the same name as the product itself. Note that for products that already exist when the parameter is turned on, the corresponding group will not be created. The user must still have the <span class="quote">“<span class="quote">editbugs</span>”</span> privilege to edit bugs in these products.</p></li></ul></div></div><div class="section"><div class="titlepage"><div><div><h4 class="title"><a name="user-account-deletion"></a>3.2.2.4. Deleting Users</h4></div></div></div><p> If the <span class="quote">“<span class="quote">allowuserdeletion</span>”</span> parameter is turned on, see <a class="xref" href="parameters.html" title="3.1. Bugzilla Configuration">Section 3.1, “Bugzilla Configuration”</a>, then you can also delete user accounts. Note that this is most of the time not the best thing to do. If only a warning in a yellow box is displayed, then the deletion is safe. If a warning is also displayed in a red box, then you should NOT try to delete the user account, else you will get referential integrity problems in your database, which can lead to unexpected behavior, such as bugs not appearing in bug lists anymore, or data displaying incorrectly. You have been warned! </p></div><div class="section"><div class="titlepage"><div><div><h4 class="title"><a name="impersonatingusers"></a>3.2.2.5. Impersonating Users</h4></div></div></div><p> There may be times when an administrator would like to do something as another user. The <span class="command"><strong>sudo</strong></span> feature may be used to do this. </p><div class="note" style="margin-left: 1em; margin-right: 1em"><table border="0" summary="Note"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[Note]" src="../images/note.gif"></td><th align="left"></th></tr><tr><td align="left" valign="top"><p> To use the sudo feature, you must be in the <span class="emphasis"><em>bz_sudoers</em></span> group. By default, all administrators are in this group.</p></td></tr></table></div><p> If you have access to this feature, you may start a session by going to the Edit Users page, Searching for a user and clicking on their login. You should see a link below their login name titled "Impersonate this user". Click on the link. This will take you to a page where you will see a description of the feature and instructions for using it. After reading the text, simply enter the login of the user you would like to impersonate, provide a short message explaining why you are doing this, and press the button.</p><p> As long as you are using this feature, everything you do will be done as if you were logged in as the user you are impersonating.</p><div class="warning" style="margin-left: 1em; margin-right: 1em"><table border="0" summary="Warning"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[Warning]" src="../images/warning.gif"></td><th align="left"></th></tr><tr><td align="left" valign="top"><p> The user you are impersonating will not be told about what you are doing. If you do anything that results in mail being sent, that mail will appear to be from the user you are impersonating. You should be extremely careful while using this feature.</p></td></tr></table></div></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="parameters.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="administration.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="classifications.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">3.1. Bugzilla Configuration </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> 3.3. Classifications</td></tr></table></div></body></html>