Inspecting users and roles with LIST and DESCRIBE

Use the LIST command to see what users or roles exist. For example, in a default installation:

W (admin) > list roles;
Processing - list roles
ROLE 1 =>  Global.uiuser
ROLE 2 =>  Global.admin
ROLE 3 =>  admin.admin
ROLE 4 =>  admin.dev
ROLE 5 =>  Global.appadmin
ROLE 6 =>  Global.appuser
ROLE 7 =>  Global.systemuser
ROLE 8 =>  admin.enduser
ROLE 9 =>  Global.appdev

Use the DESCRIBE command to see which roles and privileges are associated with a user or role. For example, for the default admin user and default Global.admin role (which as noted above has all privileges):

W (admin) > describe user admin;
Processing - describe user admin
USER admin CREATED 2017-09-28 12:08:59
USERID admin
CONTACT THROUGH []
ROLES {Global.admin}
PERMISSIONS []
INTERNAL user.

See what happens when we add a user:

W (admin) > CREATE USER newuser IDENTIFIED BY passwd;
Processing - CREATE USER newuser IDENTIFIED BY passwd
-> SUCCESS 
Elapsed time: 131 ms
W (admin) > describe user newuser;
Processing - describe user newuser

USER newuser CREATED 2017-10-02 17:19:00
USERID newuser
CONTACT THROUGH []
ROLES {newuser.admin, newuser.useradmin, Global.systemuser, Global.uiuser}
PERMISSIONS []
INTERNAL user.

The DESCRIBE output shows us:

CONTACT THROUGH []: no email address for the user has been specified yet
ROLES {newuser.admin, newuser.useradmin, Global.systemuser, Global.uiuser}: the user has the roles discussed above
INTERNAL user: not authenticated via LDAP

Inspecting users and roles with LIST and DESCRIBE

Search results