From d4f3b0eec2af959e76dd3e3f45864ca48882bac1 Mon Sep 17 00:00:00 2001 From: kai-gan-fit2 Date: Fri, 3 Apr 2026 11:17:11 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E5=AE=8C=E6=88=90=E8=B4=A6=E5=8F=B7?= =?UTF-8?q?=E5=88=97=E8=A1=A8=E5=8A=9F=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../account_management/account_list.en.md | 29 +++++++++++++++++++ .../account_management/account_list.md | 29 +++++++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/docs/manual/admin/console/account_management/account_list.en.md b/docs/manual/admin/console/account_management/account_list.en.md index 2aa00bb2..90851e0d 100644 --- a/docs/manual/admin/console/account_management/account_list.en.md +++ b/docs/manual/admin/console/account_management/account_list.en.md @@ -20,11 +20,40 @@ !!! tip "" - JumpServer supports bulk associating one account with multiple assets (account adding feature). Click the **Add** button on the account list page, select the assets to associate with the account, fill in the account details, and bulk associate the account with the assets. ![account_list_03](../../../../img/v4_account_list_03.png) + +| Parameter | Description | +| ------------------- | ------------------------------------------------------------ | +| Name | User identification name, can be repeated. | +| Username | Login account for accessing JumpServer, cannot be repeated. | +| Privileged Account | Accounts to be executed first during batch processing; supports duplicate settings. | +| Su Switch | This account switched to another account | +| Asset | Select created assets from the list; multiple selections are allowed. | +| Password | Authenticate with a password encrypted by the algorithm, suitable for logging in to assets via protocols such as SSH and RDP. | +| SSH Key | Implement passwordless login by configuring the private key file; the corresponding public key needs to be configured on the asset, supporting OpenSSH format. | +| Token | Typically used for the ciphertext type required when creating Kubernetes asset accounts | +| Password Changeable | When enabled, JumpServer can periodically change the password of this account on the asset through the account password change function. | +| Account Policy | When creating an account, if the key type is non-compliant, it restricts the key (Skip / Update / Fail). | +| Skip | When the account policy is executed, if the account does not meet the conditions or does not require processing, the system will skip this account without any operation. | +| Update | Indicates that the system will update the permissions or configuration of the account according to the policy, such as modifying the permission scope or validity period. | +| Fail | Indicates that an error occurred during the application of the account policy, such as insufficient permissions, unreachable target asset, or configuration conflict, resulting in the policy not taking effect. | +| Active | Restrict normal account login | +| Remarks | Optional field, used to fill in the account description information, which is convenient for administrators to identify and manage. | + ### 2.4 Add account template !!! tip "" - Click the **Template Add** button on the account list page, select the assets to associate the account template with, choose the account template to add, and bulk associate the account template with the assets. ![account_list_04](../../../../img/v4_account_list_04.png) +| Parameter | Description | +| ------------------- | ------------------------------------------------------------ | +| Template | Select an existing account template. | +| Node | Set an existing node; you can select the authorized node corresponding to the asset. | +| Asset | Select a created asset from the list. | +| Password Changeable | When enabled, JumpServer can periodically change the password of this account on the asset through the account password change function. | +| Account Policy | When creating an account, if the key type is non-compliant, it restricts the only action (Skip / Update / Fail). | +| Active | Restrict normal account login | +| Remarks | Optional field, used by administrators to configure remark information for this account template. | + ## 3 Virtual accounts !!! tip "" - In certain scenarios during authorization rule creation, virtual accounts are used to log in to assets. The virtual account page supports viewing details of virtual accounts. JumpServer supports allowing AD/LDAP users to log in to assets with JumpServer user passwords when authorization rules authorize accounts with the same name. diff --git a/docs/manual/admin/console/account_management/account_list.md b/docs/manual/admin/console/account_management/account_list.md index 006e14a4..8dd0929f 100644 --- a/docs/manual/admin/console/account_management/account_list.md +++ b/docs/manual/admin/console/account_management/account_list.md @@ -20,11 +20,40 @@ !!! tip "" - JumpServer 支持将一个账号批量关联给多个资产,即账号添加功能。点击账号列表页面的 **添加** 按钮,选择需要将账号关联的资产,填写需要关联的账号相关信息,即可批量的关联账号给资产。 ![account_list_03](../../../../img/v4_account_list_03.png) + +| 参数 | 说明 | +| ---------- | ------------------------------------------------------------ | +| 名称 | 用户识别名称,可重复 | +| 用户名 | 登录 JumpServer 的登录账号,不可重复 | +| 特权账号 | 在执行批量化操作时,可优先执行的账号,可重复设置 | +| 切换自 | 此账号切换至另一个账号 | +| 资产 | 在列表中选择已创建的资产,可多选 | +| 密码 | 使用明文或加密存储的密码进行认证,适用于 SSH、RDP 等协议登录资产 | +| SSH密钥 | 通过配置私钥文件实现免密登录,需在资产上配置对应公钥,支持 OpenSSH 格式 | +| 令牌 | 一般用于创建k8s资产账号所需的密文类型 | +| 密码可改密 | 开启后,JumpServer 可通过账号改密定时修改该账号在资产中的密码 | +| 账号策略 | 创建账号时,密钥类型如果不合规,约束唯一键(跳过/更新/失败) | +| 跳过 | 当账号策略执行时,若该账号不符合条件或无需处理,系统将跳过此账号,不进行任何操作 | +| 更新 | 表示系统将根据策略更新该账号的权限或配置,如修改授权范围或有效期 | +| 失败 | 表示账号策略应用过程中出现错误,如权限不足、目标资产不可达或配置冲突,导致策略未生效 | +| 激活 | 控制账号是否可正常登录 | +| 备注 | 非必填项,用于填写账号的说明信息,便于管理员识别和管理 | + ### 2.4 添加账号模板 !!! tip "" - 点击账号列表页面的 **模版添加** 按钮,选择需要将资产关联给的资产,选择需要添加的账号模版,即可批量的关联账号模版给资产。 ![account_list_04](../../../../img/v4_account_list_04.png) +| 参数 | 说明 | +| ---------- | ------------------------------------------------------------ | +| 模版 | 选择已创建的账号模版,可多选用户识别名称,可重复 | +| 节点 | 设置已有节点,可选择资产对应的授权节点 | +| 资产 | 在列表中选择已创建的资产 | +| 密码可改密 | 开启后,JumpServer 可通过账号改密计划自动修改该账号在资产中的密码 | +| 账号策略 | 创建账号时,密钥类型如果不合规,约束唯一键(跳过/更新/失败) | +| 激活 | 控制账号是否可正常登录 | +| 备注 | 非必填项,管理员配置该账号模版的备注信息 | + ## 3 虚拟账号 !!! tip "" - 在授权规则创建时,某些场景下会使用虚拟账号登录资产。虚拟账号页面支持对虚拟账户的详情进行查看。JumpServer支持当授权规则中授权了同名账户时,AD/LDAP 用户使用 JumpServer 用户密码登录资产。