CN116954825A - User management method, device, electronic equipment, storage medium and program product - Google Patents
- Publication number
- CN116954825A (CN202310947383.2A)
- Authority
- CN
- China
- Prior art keywords
- user
- virtual environment
- management platform
- identifier
- environment management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The application discloses a user management method, a user management device, electronic equipment, a storage medium and a program product, and relates to the technical field of artificial intelligence. The method comprises the following steps: acquiring a virtual environment management platform list to be subjected to target management and a user information list corresponding to the target management, wherein the virtual environment management platform list comprises at least one virtual environment management platform identifier, and a console deployed with the virtual environment management platform is used for managing at least one virtual machine; the user information list includes at least one user identifier; the target management includes user creation, user destruction, user locking, and user password modification; and, for the virtual environment management platform resource pool corresponding to each virtual environment management platform identifier, performing the target management on at least one user identifier of that resource pool according to the user information list. The application improves the efficiency and accuracy of localos user management.
Description
Technical Field
The present application relates to the field of artificial intelligence, and in particular, to a user management method, apparatus, electronic device, storage medium, and program product.
Background
A plurality of mutually independent virtual machines can be created on one physical machine. Currently, multiple virtual machines may be managed through a console deployed with a virtual environment management platform (e.g., Vcenter). Taking Vcenter as the virtual environment management platform, Vcenter supports two user authentication systems. In one of them, authentication uses a user account on the operating system where Vcenter resides; such users may be referred to as local operating system (localos) users.
At present, localos users are created mainly by hand: operation and maintenance personnel log in to the operating system and interface of each VCenter one by one and perform operations such as user creation and password setting. A role is then assigned to the user, and resource access rights are set, manually on the Vcenter interface.
However, when the resource pool size is large and there are a plurality of Vcenter resource pools, the conventional method of manually performing localos user management has problems of low efficiency and poor accuracy.
Disclosure of Invention
The application provides a user management method, a device, electronic equipment, a storage medium and a program product, which are used for improving the efficiency and accuracy of local operating system user management.
In a first aspect, the present application provides a user management method, the method comprising:
acquiring a virtual environment management platform list to be subjected to target management and a user information list corresponding to the target management; the virtual environment management platform list comprises at least one virtual environment management platform identifier, and a console deployed with the virtual environment management platform is used for managing at least one virtual machine; the user information list includes: at least one user identification; the target management includes: user creation, user destruction, user locking, and user password modification;
and, for the virtual environment management platform resource pool corresponding to each virtual environment management platform identifier, performing the target management on at least one user identifier of that resource pool according to the user information list.
Optionally, the target management includes user creation, and performing the target management on at least one user identifier of the virtual environment management platform resource pool according to the user information list comprises:
in response to a user creation instruction, logging in to the virtual environment management platform operating system;
creating a user name of the local operating system user corresponding to the user identifier through a user creation command of the virtual environment management platform operating system;
acquiring a password corresponding to the user identifier;
and authorizing the login permission of the local operating system user using the user name of the local operating system user and the password.
Optionally, the target management includes user destruction, and performing the target management on at least one user identifier of the virtual environment management platform resource pool according to the user information list comprises:
in response to a user destruction instruction, for any user identifier in the user information list corresponding to user destruction, deleting the login permission of the local operating system user corresponding to the user identifier;
and deleting the user name of the local operating system user corresponding to the user identifier through a user deletion command of the virtual environment management platform operating system.
Optionally, before deleting, in response to the user destruction instruction and for any user identifier in the user information list corresponding to user destruction, the login permission of the local operating system user corresponding to the user identifier, the method further includes:
receiving a user destruction instruction triggered by a user;
or,
acquiring the permission use duration corresponding to each user identifier in the user information list;
and, when it is determined from the permission use duration that the permission of the local operating system user corresponding to the user identifier has expired, generating the user information list corresponding to user destruction and triggering the user destruction instruction.
Optionally, the target management includes user locking, and performing the target management on at least one user identifier of the virtual environment management platform resource pool according to the user information list comprises:
in response to a user locking instruction, for any user identifier in the user information list corresponding to user locking, deleting the login permission of the local operating system user corresponding to the user identifier;
and locking the user name of the local operating system user corresponding to the user identifier through a user locking command of the virtual environment management platform operating system.
Optionally, the target management includes user password modification, and performing the target management on at least one user identifier of the virtual environment management platform resource pool according to the user information list comprises:
in response to a user password modification instruction, acquiring the user information list corresponding to user password modification, and modifying the password corresponding to each user identifier in that list;
and, using the modified password, resetting the password of the local operating system user corresponding to the user identifier through a user password reset command of the virtual environment management platform operating system.
In a second aspect, the present application provides a user management apparatus, the apparatus comprising:
the system comprises an acquisition module, a target management module and a user information management module, wherein the acquisition module is used for acquiring a virtual environment management platform list to be subjected to target management and a user information list corresponding to the target management; the virtual environment management platform list comprises at least one virtual environment management platform identifier, and a console deployed with the virtual environment management platform is used for managing at least one virtual machine; the user information list includes: at least one user identification; the target management includes: user creation, user destruction, user locking, and user password modification;
the processing module is used for performing, for the virtual environment management platform resource pool corresponding to each virtual environment management platform identifier, the target management on at least one user identifier of that resource pool according to the user information list.
In a third aspect, the present application provides an electronic device comprising a memory and a processor;
the memory stores a computer program;
the processor is arranged to perform the method of any of the first aspects by means of the computer program.
In a fourth aspect, the present application provides a computer-readable storage medium having stored thereon computer-executable instructions which, when executed by a processor, implement the method of any of the first aspects.
In a fifth aspect, the application provides a computer program product comprising a computer program which, when executed by a processor, implements the method of any of the first aspects.
With the user management method, device, electronic equipment, storage medium and program product provided by the application, the virtual environment management platform list to be subjected to target management and the user information list corresponding to the target management can be acquired. Then, for the resource pool corresponding to each virtual environment management platform identifier, the electronic device can perform the target management on at least one user identifier of that resource pool according to the user information list. In this way, target management of localos users across the resource pools of multiple virtual environment management platforms is carried out automatically, which improves the efficiency of localos user management. And because configuration errors caused by manual operation are avoided, the accuracy of localos user management is improved.
Drawings
In order to more clearly illustrate the application or the technical solutions of the prior art, the following description will be given for a brief introduction to the drawings used in the embodiments or the description of the prior art, it being obvious that the drawings in the following description are some embodiments of the application and that other drawings can be obtained from these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic view of an application scenario of a user management method provided by the present application;
FIG. 2 is a flow chart of a user management method according to the present application;
FIG. 3 is a flowchart illustrating another user management method according to the present application;
FIG. 4 is a schematic flow chart of a method for creating localos in a scene of a multi-Vcenter resource pool provided by the application;
FIG. 5 is a schematic flow chart of a method for destroying localos users in a multi-Vcenter resource pool scene provided by the application;
FIG. 6 is a schematic flow chart of a method for locking localos users in a scene of a multi-Vcenter resource pool provided by the application;
FIG. 7 is a schematic flow chart of a method for modifying a localos user password in a scenario of multiple Vcenter resource pools provided by the application;
FIG. 8 is a schematic structural diagram of a user management device according to the present application;
FIG. 9 is a schematic structural diagram of an electronic device according to the present application.
Specific embodiments of the present application have been shown by way of the above drawings and will be described in more detail below. The drawings and the written description are not intended to limit the scope of the inventive concepts in any way, but rather to illustrate the inventive concepts to those skilled in the art by reference to the specific embodiments.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
It should be noted that, the user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present application are information and data authorized by the user or fully authorized by each party, and the collection, use and processing of the related data need to comply with related laws and regulations and standards, and provide corresponding operation entries for the user to select authorization or rejection. In the technical scheme of the application, the related processes of collecting, storing, using, processing, transmitting, providing, disclosing and the like of the information such as financial data or user data are in accordance with the regulations of related laws and regulations, and the public welfare is not violated.
The following first explains some of the noun concepts to which the present application relates:
Vcenter: the name of a piece of virtual machine management software (which may also be referred to as a virtual environment management platform). Through VMware vCenter Server, a console with Vcenter installed can centrally manage all hosts and virtual machines of the data center from that single console. With Vcenter installed, the console aggregates the performance monitoring functions of clusters, hosts, and virtual machines. VMware vCenter Server lets a user learn, from one location, all of the information about the virtual infrastructure's clusters, hosts, virtual machines, storage, guest operating systems, and other critical components.
Local operating system (Localos) users: taking Vcenter as the virtual environment management platform, Vcenter supports two user authentication systems. One is based on domain control, with user names of the form xxx@vsphere.local. The other authenticates with a user account on the operating system where Vcenter resides; such a user is referred to as a Localos user.
vSphere SDK: the name of a software development kit for vSphere. A terminal device with the kit installed can access and operate the various virtualized resources of VCenter or vSphere through the SDK.
Django: the name of an open source Web application framework that follows the MTV (i.e., model M, template T, view V) pattern. Django is written in Python and emphasizes code reuse; multiple components can conveniently serve the entire framework in the form of "plug-ins".
Virtualization is a resource management technology. It may refer to creating multiple virtual machines on one physical machine and pooling physical resources such as servers, CPUs, memory, networks, and storage. Taking a virtualized cloud environment implemented on VMware as an example, Vcenter supports two user authentication systems. One is based on domain control, with user names of the form xxx@vsphere.local. The other authenticates with a user account on the operating system where the VCenter resides (Vcenter, VCenter, and VCenter are the same in the present application); such a user is referred to as a localos user.
At present, localos (Localos and localos have the same meaning) users are created mainly by hand: operation and maintenance personnel log in to the operating system and interface of each VCenter platform one by one and perform operations such as user creation and password setting. A role is then assigned to the user, and resource access rights are set, manually on the Vcenter interface.
However, when localos users are managed manually in this way and there are multiple Vcenter resource pools, staff must repeatedly log in to each Vcenter operating system and interface and perform steps such as user creation and password setting. The workload is extremely large and configuration errors occur easily. That is, in the scenario of multiple Vcenter resource pools, the existing localos user management method suffers from poor accuracy and low efficiency.
In consideration of the above problems existing in the existing local operating system user management method, the application provides an automatic method for managing the localos users in the resource pool of the multi-virtual environment management platform, so that the situation of configuration errors caused by manual operation is avoided, the accuracy of localos user management is improved, and the efficiency of localos user management is improved through automatic localos user management.
By way of example, FIG. 1 is a schematic view of an application scenario of a user management method provided by the present application. As shown in FIG. 1, the executing entity of the localos user management method may be, for example, any server or any electronic device having processing capability, such as a terminal, which is not limited in the present application. In addition, the application does not limit the number of consoles with virtual environment management platforms deployed that can be connected to the electronic device, or the number of virtual machines controlled by those consoles.
The technical scheme of the present application will be described in detail with reference to specific examples. The following embodiments may be combined with each other, and some embodiments may not be repeated for the same or similar concepts or processes.
FIG. 2 is a flow chart of a user management method provided by the application. As shown in FIG. 2, the method may include the following steps:
S101, acquiring a virtual environment management platform list to be subjected to target management and a user information list corresponding to the target management.
The virtual environment management platform may be, for example, Vcenter.
Wherein the virtual environment management platform list may include at least one virtual environment management platform identification. A console may be deployed with a virtual environment management platform. The identity of the virtual environment management platforms deployed by different consoles may be different. A console with a virtual environment management platform deployed is used to manage at least one virtual machine. It should be understood that the present application is not limited to how the console deployed with the virtual environment management platform manages the virtual machine, and any existing virtual machine management manner may be referred to.
The user information list may include at least one user identifier. The target management includes: user creation, user destruction, user locking, and user password modification. When the target management is, for example, user creation or user password modification, the user information list may also include the password corresponding to the user identifier.
By way of example, user creation may refer to granting the localos user corresponding to the user identifier the permission to control resource objects of the virtual machine through the virtual environment management platform. User destruction may include, for example: deleting the permission of the localos user corresponding to the user identifier to control resource objects of the virtual machine through the virtual environment management platform, and deleting the user name of the localos user. User locking may include, for example: retaining the user name of the localos user while deleting the permission of the localos user to control resource objects of the virtual machine through the virtual environment management platform.
Optionally, the electronic device may receive the virtual environment management platform list to be subjected to target management, and the user information list corresponding to the target management, as input by the user through an application program interface (Application Programming Interface, API), a graphical user interface (Graphical User Interface, GUI), or the like.
S102, for the virtual environment management platform resource pool corresponding to each virtual environment management platform identifier, performing the target management on at least one user identifier of that resource pool according to the user information list.
Optionally, the electronic device may, in response to a target management request triggered by a user, perform the target management on at least one user identifier of the resource pool corresponding to each virtual environment management platform identifier according to the user information list. For example, taking user destruction as the target management, the electronic device may, in response to a user destruction request triggered by a user, destroy at least one user identifier of the resource pool corresponding to each virtual environment management platform identifier according to the user information list.
In this embodiment, the electronic device may acquire a virtual environment management platform list to be subjected to target management and a user information list corresponding to the target management. Then, for the resource pool corresponding to each virtual environment management platform identifier, the electronic device can perform the target management on at least one user identifier of that resource pool according to the user information list. In this way, target management of localos users across the resource pools of multiple virtual environment management platforms is carried out automatically, which improves the efficiency of localos user management. And because configuration errors caused by manual operation are avoided, the accuracy of localos user management is improved.
Taking the case where the target management includes user creation as an example, FIG. 3 is a flow chart of another user management method provided by the application. As shown in FIG. 3, as a possible implementation, the method may include the following steps:
S201, acquiring a virtual environment management platform list to be subjected to target management and a user information list corresponding to the target management.
S202, responding to a user creation instruction, and logging in the virtual environment management platform operating system.
S203, creating a user name of the localos user corresponding to the user identifier through a user creation command of the virtual environment management platform operating system.
Optionally, the electronic device may receive the user creation instruction triggered by the user and respond to it. For example, a user may trigger the user creation instruction by clicking a "user creation" control displayed by the electronic device. It should be understood that the electronic device may log in to the operating system of the virtual environment management platform using any existing login method, which is not described herein again. In some embodiments, the virtual environment management platform operating system may also be referred to as a virtual environment management platform server operating system, or a virtual environment management platform server system.
Optionally, the electronic device may use the user creation command of the virtual environment management platform operating system to take the user identifier directly as the user name of the corresponding localos user. Alternatively, the electronic device may feed the user identifier into a preset localos user name generation scheme to obtain the user name of the localos user corresponding to the user identifier, and then create that user name in the virtual environment management platform operating system through the user creation command of that operating system.
S204, acquiring a password corresponding to the user identifier.
For example, the password corresponding to the user identifier may be obtained in advance by the electronic device (for example, at the same time as the user information list corresponding to the target management is obtained) and stored in the electronic device. Alternatively, the electronic device may display an interface for receiving the password, so as to receive the password corresponding to the user identifier input by the user through that interface.
S205, using the user name and the password of the localos user to carry out login permission authorization on the localos user.
For example, the electronic device may call the interface of the virtual environment management platform through the vSphere SDK and, on that basis, use the user name of the localos user and the password to authorize the login permission of the localos user.
Optionally, by executing the method once, the electronic device performs user creation, according to the user information list, for at least one user identifier of the resource pool corresponding to one virtual environment management platform identifier. By executing the same steps on the resource pools corresponding to the other virtual environment management platform identifiers in the virtual environment management platform list, the electronic device can create users automatically for the resource pool corresponding to each virtual environment management platform identifier, which improves the efficiency and accuracy of localos user creation.
Taking the case where the target management includes user destruction as an example, as one possible implementation, the electronic device may, in response to the user destruction instruction and for any user identifier in the user information list corresponding to user destruction, delete the login permission of the localos user corresponding to the user identifier. Then, the electronic device can delete the user name of the localos user corresponding to the user identifier through a user deletion command of the virtual environment management platform operating system.
Optionally, the user identifier included in the user information list corresponding to the user destruction and the user identifier included in the user information list corresponding to the user creation may be the same or different, which is not limited in the present application.
The electronic device may, for example, call the interface of the virtual environment management platform through the vSphere SDK to delete the login permission of the localos user corresponding to the user identifier. Optionally, to delete the user name of the localos user corresponding to the user identifier through the user deletion command of the virtual environment management platform operating system, the electronic device may use any existing method for deleting a localos user name through the virtual environment management platform operating system, which is not described herein.
Optionally, the electronic device may acquire the user information list corresponding to user destruction as input by the user, or the electronic device may further add, on a timed basis, the user identifier of any localos user whose login permission has exceeded a preset duration to the user information list corresponding to user destruction.
For example, in some embodiments, before deleting, in response to the user destruction instruction and for any user identifier in the user information list corresponding to user destruction, the login permission of the localos user corresponding to the user identifier, the electronic device may first receive a user destruction instruction triggered by a user. In this way, the electronic device can perform user destruction management according to the user destruction instruction triggered by the user, which improves user experience. In some embodiments, the user destruction instruction may include, for example, the user information list corresponding to user destruction.
Alternatively, the electronic device can acquire the permission use duration corresponding to each user identifier in the user information list. For example, the electronic device may receive, through a GUI, an API, or the like, the permission use duration corresponding to each user identifier. Then, when the electronic device determines from the permission use duration that the permission of the localos user corresponding to a user identifier has expired, it may generate the user information list corresponding to user destruction and trigger the user destruction instruction. For example, the electronic device may add the user identifier of each localos user whose permission has expired to the user information list corresponding to user destruction. In this way, the electronic device can automatically destroy users when the permissions of localos users expire, which improves the efficiency and accuracy of user destruction.
In this embodiment, by executing the user destruction operation by using the virtual environment management platform resource pool corresponding to each virtual environment management platform identifier in the virtual environment management platform list to be destroyed by the user, the electronic device may implement the virtual environment management platform resource pool corresponding to each virtual environment management platform identifier, thereby implementing automatic user destruction of the user, and improving efficiency and accuracy of localos user destruction.
The target management includes: for example, as a possible implementation manner, the electronic device may respond to the user locking instruction, and delete the login authority of the localos user corresponding to the user identifier for any user identifier in the user information list corresponding to the user locking. Then, the electronic device can lock the user name of the localos user corresponding to the user identifier through a user locking command of the virtual environment management platform operating system.
Optionally, the user identifier included in the user information list corresponding to the user lock may be the same as or different from the user identifier included in the user information list corresponding to the user creation, which is not limited in the present application.
For example, the electronic device may call the interface of the virtual environment management platform through the vSphere SDK to delete the login authority of the localos user corresponding to the user identifier. Optionally, for the specific way in which the electronic device locks the user name of the localos user corresponding to the user identifier through the user locking command of the virtual environment management platform operating system, reference may be made to any existing method for locking the user name of a localos user through the virtual environment management platform operating system, which is not described here.
Optionally, the electronic device may acquire the user information list corresponding to the user lock input by the user, or the electronic device may further add, to the user information list corresponding to the user lock, the user identifier of the localos user that meets the lock condition (for example, it is detected that the localos user performs the illegal operation, or the duration of the localos user using the target authority expires, etc.).
Deleting the login authority of the localos user corresponding to any user identifier in the user information list corresponding to user locking means that the locked localos user can no longer log in, which improves the security and accuracy of automatic management of locked users. Locking the user name of the localos user corresponding to the user identifier through the user locking command of the virtual environment management platform operating system keeps the user name of the localos user, which improves the user experience and the flexibility of localos user management.
In some embodiments, if the console detects a login by a locked localos user, a prompt may be output to indicate that the localos user's user name has been locked.
Where the target management includes user password modification, as one possible implementation, the electronic device may, in response to the user password modification instruction, obtain the user information list corresponding to user password modification and the modified password corresponding to each user identifier in that list. The user identifiers included in the user information list corresponding to user password modification are those of the localos users whose passwords need to be modified. Then, the electronic device can use the modified password to reset the password of the localos user corresponding to the user identifier through a user password reset command of the virtual environment management platform operating system.
Optionally, the electronic device may receive, as user input, the modified password corresponding to each user identifier in the user information list corresponding to user password modification.
By the method, the electronic equipment can automatically reset the passwords of the localos users corresponding to the user identifications in the user information list corresponding to the user password modification, and the efficiency and the accuracy of the user password modification are improved.
Taking Vcenter as the above-mentioned virtual environment management platform as an example, fig. 4 is a schematic flow chart of a method for creating localos users in a multi-Vcenter resource pool scenario provided by the present application. As shown in fig. 4, the electronic device may start from a user-triggered user creation instruction. The electronic device may obtain the list of Vcenters selected by the user, and then perform the following operations on each Vcenter in the list in turn: the electronic device logs in to the Vcenter server operating system, creates a localos user through an operating system command, and sets the password corresponding to the localos user. The electronic device may then call the Vcenter interface through the vSphere SDK to authorize the login permission of the localos user (that is, to authorize user access as shown in fig. 4).
Fig. 5 is a schematic flow chart of a method for destroying localos users in a multi-Vcenter resource pool scenario provided by the present application. The electronic device may start from a user-triggered user destruction instruction. Alternatively, the electronic device may also begin executing the following steps when the rights of the localos user expire. As shown in fig. 5, the electronic device may obtain the user-selected Vcenter list on which user destruction is to be performed, and then perform the following operations on each Vcenter in the Vcenter list in turn: the electronic device calls the Vcenter interface through the vSphere SDK to delete the login authority of the localos user, logs in to the Vcenter server operating system, and deletes the localos user through an operating system command.
For example, fig. 6 is a schematic flow chart of a method for locking localos users in a multi-Vcenter resource pool scenario provided by the present application. The electronic device may start from a user-triggered user locking instruction. Alternatively, the electronic device may also begin executing the following steps when the rights of the localos user expire. As shown in fig. 6, the electronic device may obtain the user-selected Vcenter list on which user locking is to be performed, and then perform the following operations on each Vcenter in the Vcenter list in turn: the electronic device calls the Vcenter interface through the vSphere SDK to delete the login authority of the localos user, logs in to the Vcenter server operating system, and locks the localos user through an operating system command.
Fig. 7 is a schematic flow chart of a method for modifying a localos user password in a scenario of multiple Vcenter resource pools provided by the present application. The electronic device may begin with a user-triggered user password modification instruction. Alternatively, the electronic device may also begin executing the following steps when the rights of the localos user expire. As shown in fig. 7, the electronic device may obtain a user-selected Vcenter list to be subjected to user password modification, and then perform the following operations on each Vcenter in the Vcenter list in turn: the electronic device logs in to the Vcenter server operating system, and resets the password of the localos user through operating system commands.
As shown in figs. 4, 5, 6, and 7, the flow may end after the above-mentioned user management (also referred to as configuration) operation has been performed on all Vcenters in the corresponding Vcenter list.
In this embodiment, compared with manually performing change operations on each VCenter server and interface in turn in order to create, destroy, lock, or modify the password of a localos user in a multi-VCenter resource pool scenario, the application implements a management platform with a complete business process and gives the user a unified, visual, and automated operation platform. By introducing a timed task, expired users can be destroyed or locked automatically, which further improves the efficiency and accuracy of localos user management.
Fig. 8 is a schematic structural diagram of a user management apparatus according to the present application. As shown in fig. 8, the apparatus includes: an acquisition module 21 and a processing module 22, wherein:
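The expiry-driven destruction and locking flow described above (figs. 5 and 6), sketched as an added Python example that is not part of the patent text. `Grant`, `FakePlatform`, the account names and the platform names are constructed for illustration; the in-memory platform stands in for the SDK call and the operating system commands, which the description does not specify.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Grant:
    """Permission use duration recorded for one user identifier."""
    user: str
    granted_at: datetime
    duration: timedelta


class FakePlatform:
    """In-memory stand-in for one management platform (hypothetical adapter).

    A real adapter would issue the SDK call and the operating system
    commands; neither is specified on this page, so they are simulated here.
    """

    def __init__(self, name, users, reachable=True):
        self.name = name
        self.reachable = reachable
        self.login_permissions = set(users)      # platform-level login rights
        self.os_accounts = {u: "active" for u in users}

    def revoke_login(self, user):
        if not self.reachable:
            raise ConnectionError(f"{self.name}: SDK endpoint unreachable")
        self.login_permissions.discard(user)     # idempotent on re-run

    def lock_os_user(self, user):
        if user in self.os_accounts:
            self.os_accounts[user] = "locked"    # the user name is kept

    def delete_os_user(self, user):
        self.os_accounts.pop(user, None)         # idempotent on re-run


def expired_users(grants, now):
    """Build the user information list for destruction or locking from expiry."""
    return sorted(g.user for g in grants if now >= g.granted_at + g.duration)


def apply_target_management(platforms, users, action):
    """Run 'destroy' or 'lock' for every listed user on every platform.

    Login permission is revoked first and the OS account is handled second,
    the order the description gives. A failure is recorded and the loop moves
    on, so one unreachable platform does not leave the others unprocessed.
    """
    if action not in ("destroy", "lock"):
        raise ValueError(f"unsupported action: {action}")
    results = []
    for platform in platforms:
        for user in users:
            try:
                platform.revoke_login(user)
                if action == "destroy":
                    platform.delete_os_user(user)
                else:
                    platform.lock_os_user(user)
                results.append((platform.name, user, "ok"))
            except Exception as exc:             # report for retry, keep going
                results.append((platform.name, user, f"failed: {exc}"))
    return results


def run_demo():
    """Constructed sample data: two platforms, one expired grant."""
    utc = timezone.utc
    now = datetime(2024, 1, 10, tzinfo=utc)
    grants = [
        Grant("ops_temp01", datetime(2024, 1, 1, tzinfo=utc), timedelta(days=7)),
        Grant("ops_temp02", datetime(2024, 1, 8, tzinfo=utc), timedelta(days=7)),
    ]
    platforms = [
        FakePlatform("vc-a", ["ops_temp01", "ops_temp02"]),
        FakePlatform("vc-b", ["ops_temp01", "ops_temp02"], reachable=False),
    ]
    to_lock = expired_users(grants, now)
    return to_lock, apply_target_management(platforms, to_lock, "lock"), platforms


if __name__ == "__main__":
    to_lock, results, _ = run_demo()
    print("expired:", to_lock)
    for row in results:
        print(row)
```

The failed pair on the unreachable platform stays in the result list with its error, so a later run of the timed task can retry it; because each step is idempotent, re-running against platforms that already succeeded changes nothing.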
the obtaining module 21 is configured to obtain a virtual environment management platform list to be subject to target management, and a user information list corresponding to the target management. The virtual environment management platform list comprises at least one virtual environment management platform identifier, and a console deployed with the virtual environment management platform is used for managing at least one virtual machine; the user information list includes: at least one user identification; the target management includes: user creation, user destruction, user locking, and user password modification.
The processing module 22 is configured to perform, for the virtual environment management platform resource pool corresponding to each virtual environment management platform identifier, target management on at least one user identifier of the virtual environment management platform resource pool according to the user information list.
Optionally, taking the case where the target management includes user creation as an example, the processing module 22 is specifically configured to: log in to the virtual environment management platform operating system in response to a user creation instruction; create the user name of the local operating system user corresponding to the user identifier through a user creation command of the virtual environment management platform operating system; acquire the password corresponding to the user identifier; and authorize the login permission of the local operating system user using the user name of the local operating system user and the password.
Optionally, taking the case where the target management includes user destruction as an example, the processing module 22 is specifically configured to: in response to a user destruction instruction, delete, for any user identifier in the user information list corresponding to user destruction, the login authority of the local operating system user corresponding to the user identifier; and delete the user name of the local operating system user corresponding to the user identifier through a user deletion command of the virtual environment management platform operating system.
Optionally, the device may further include a receiving module 23, configured to receive the user destruction instruction triggered by the user before the login permission of the local operating system user corresponding to any user identifier in the user information list corresponding to user destruction is deleted in response to the user destruction instruction.
Or, optionally, the processing module 22 may be further configured to obtain the permission use duration corresponding to each user identifier in the user information list and, when it is determined according to the permission use duration that the permission use of the local operating system user corresponding to a user identifier has expired, generate the user information list corresponding to user destruction and trigger the user destruction instruction.
Optionally, taking the case where the target management includes user locking as an example, the processing module 22 is specifically configured to: in response to a user locking instruction, delete, for any user identifier in the user information list corresponding to user locking, the login permission of the local operating system user corresponding to the user identifier; and lock the user name of the local operating system user corresponding to the user identifier through a user locking command of the virtual environment management platform operating system.
Optionally, taking the case where the target management includes user password modification as an example, the processing module 22 is specifically configured to: in response to a user password modification instruction, obtain the user information list corresponding to user password modification and the modified password corresponding to each user identifier in that list; and use the modified password to reset the password of the local operating system user corresponding to the user identifier through a user password reset command of the virtual environment management platform operating system.
The user management apparatus 20 provided by the present application is configured to execute the foregoing embodiment of the user management method executed by the user management end, and its implementation principle and technical effects are similar, and will not be described again.
Fig. 9 is a schematic structural diagram of an electronic device according to the present application. As shown in fig. 9, the electronic device 400 may include: at least one processor 401 and a memory 402.
A memory 402 for storing a program. In particular, the program may include program code including computer-operating instructions.
Memory 402 may comprise high-speed RAM memory or may also include non-volatile memory (non-volatile memory), such as at least one disk memory.
The processor 401 is configured to execute computer-executable instructions stored in the memory 402 to implement the user management method described in the foregoing method embodiment. The processor 401 may be a central processing unit (Central Processing Unit, abbreviated as CPU), or an application specific integrated circuit (Application Specific Integrated Circuit, abbreviated as ASIC), or one or more integrated circuits configured to implement embodiments of the present application.
Optionally, the electronic device 400 may also include a communication interface 403. In a specific implementation, if the communication interface 403, the memory 402, and the processor 401 are implemented independently, they may be connected to each other by a bus and communicate with each other over it. The bus may be an industry standard architecture (Industry Standard Architecture, abbreviated ISA) bus, a peripheral component interconnect (Peripheral Component Interconnect, abbreviated PCI) bus, or an extended industry standard architecture (Extended Industry Standard Architecture, abbreviated EISA) bus, among others. Buses may be divided into address buses, data buses, control buses, etc., but this does not mean that there is only one bus or one type of bus.
Alternatively, in a specific implementation, if the communication interface 403, the memory 402, and the processor 401 are integrated on a chip, the communication interface 403, the memory 402, and the processor 401 may complete communication through internal interfaces.
The present application also provides a computer-readable storage medium, which may include any medium in which program code can be stored: a USB flash drive, a removable hard disk, a read-only memory (ROM, Read-Only Memory), a random access memory (RAM, Random Access Memory), a magnetic disk, an optical disk, etc. Specifically, the computer-readable storage medium stores program instructions for the methods in the above embodiments.
The present application also provides a program product comprising execution instructions stored in a readable storage medium. The at least one processor of the electronic device may read the execution instructions from the readable storage medium, the execution instructions being executed by the at least one processor to cause the electronic device to implement the user management methods provided by the various embodiments described above.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present application, and not for limiting the same; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some or all of the technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the application.
Claims (10)
1. A method of user management, the method comprising:
acquiring a virtual environment management platform list to be subjected to target management and a user information list corresponding to the target management; the virtual environment management platform list comprises at least one virtual environment management platform identifier, and a console deployed with the virtual environment management platform is used for managing at least one virtual machine; the user information list includes: at least one user identification; the target management includes: user creation, user destruction, user locking, and user password modification;
and, for the virtual environment management platform resource pool corresponding to each virtual environment management platform identifier, performing target management on at least one user identifier of the virtual environment management platform resource pool according to the user information list.
2. The method of claim 1, wherein the target management comprises: user creation, wherein the target management of at least one user identifier of the virtual environment management platform resource pool according to the user information list comprises the following steps:
responding to a user creation instruction, and logging in the virtual environment management platform operating system;
creating a user name of a local operating system user corresponding to the user identifier through a user creation command of the virtual environment management platform operating system;
acquiring a password corresponding to the user identifier;
and using the user name of the local operating system user and the password to authorize the login permission of the local operating system user.
3. The method of claim 2, wherein the target management comprises: user destruction, wherein the target management of at least one user identifier of the virtual environment management platform resource pool according to the user information list comprises the following steps:
in response to a user destruction instruction, for any user identifier in the user information list corresponding to user destruction, deleting the login authority of the local operating system user corresponding to the user identifier;
and deleting the user name of the local operating system user corresponding to the user identifier through a user deleting command of the virtual environment management platform operating system.
4. The method according to claim 3, wherein before the responding to a user destruction instruction and deleting, for any user identifier in the user information list corresponding to user destruction, the login authority of the local operating system user corresponding to the user identifier, the method further comprises:
receiving a user destruction instruction triggered by a user;
or,
acquiring authority use duration corresponding to each user identifier in the user information list;
when it is determined according to the authority use duration that the authority use of the local operating system user corresponding to the user identifier has expired, generating the user information list corresponding to user destruction, and triggering the user destruction instruction.
5. The method of any of claims 2-4, wherein the target management comprises: user locking, wherein the target management of at least one user identifier of the virtual environment management platform resource pool according to the user information list comprises the following steps:
in response to a user locking instruction, for any user identifier in the user information list corresponding to user locking, deleting the login authority of the local operating system user corresponding to the user identifier;
and locking the user name of the local operating system user corresponding to the user identifier through a user locking command of the virtual environment management platform operating system.
6. The method of any of claims 2-4, wherein the target management comprises: user password modification, wherein the target management of at least one user identifier of the virtual environment management platform resource pool according to the user information list comprises the following steps:
in response to a user password modification instruction, acquiring the user information list corresponding to user password modification and the modified password corresponding to each user identifier in the user information list corresponding to user password modification;
and resetting the password of the local operating system user corresponding to the user identifier through a user password resetting command of the virtual environment management platform operating system by using the modified password.
7. A user management apparatus, the apparatus comprising:
an acquisition module, configured to acquire a virtual environment management platform list to be subjected to target management and a user information list corresponding to the target management; the virtual environment management platform list comprises at least one virtual environment management platform identifier, and a console deployed with the virtual environment management platform is used for managing at least one virtual machine; the user information list includes: at least one user identification; the target management includes: user creation, user destruction, user locking, and user password modification;
a processing module, configured to perform, for the virtual environment management platform resource pool corresponding to each virtual environment management platform identifier, target management on at least one user identifier of the virtual environment management platform resource pool according to the user information list.
8. An electronic device comprising a memory and a processor;
the memory stores a computer program;
the processor being arranged to perform the method of any of claims 1-6 by means of the computer program.
9. A computer readable storage medium having stored thereon computer executable instructions which, when executed by a processor, implement the method of any of claims 1-6.
10. A computer program product comprising a computer program which, when executed by a processor, implements the method of any of claims 1-6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310947383.2A CN116954825A (en) | 2023-07-28 | 2023-07-28 | User management method, device, electronic equipment, storage medium and program product |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310947383.2A CN116954825A (en) | 2023-07-28 | 2023-07-28 | User management method, device, electronic equipment, storage medium and program product |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116954825A true CN116954825A (en) | 2023-10-27 |
Family
ID=88456310
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310947383.2A Pending CN116954825A (en) | 2023-07-28 | 2023-07-28 | User management method, device, electronic equipment, storage medium and program product |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116954825A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117892287A (en) * | 2024-01-11 | 2024-04-16 | 中国华能集团有限公司北京招标分公司 | Password management method and system for multi-scene cloud platform |
- 2023-07-28 CN CN202310947383.2A patent/CN116954825A/en active Pending
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||