There are three types of
operator users, and
standarduser is a traditional user of Helix server
operatoruser is intended for human or automated system administrators
serviceuser is for server-to-server authentication as part of the replication process.
Service users are:
- useful for remote depots in single-server environments
- required for multi-server and distributed environments
- do not consume Helix server licenses
Create a service user for each master, replica, or proxy server that you control. This makes it easier to interpret your server logs. Having service users improves security, by requiring that your edge servers and other replicas have valid login tickets before they can communicate with the master or commit server.
Read the "Service users" topic in Helix Core Server Administrator Guide: Fundamentals.
A newly-created service user that is not a member of any groups is
subject to the default ticket timeout of 12 hours. To avoid issues that
arise when a service user’s ticket ceases to be valid, create a group for
your service users that features an extremely long timeout, or to
unlimited. On the master server, issue the following
p4 group service_users
service1 to the list of
Users: in the
group, and set the
PasswordTimeout: values to a large value or to
Group: service_users Timeout: unlimited PasswordTimeout: unlimited Subgroups: Owners: Users: service1
Service users must have a ticket created with the
login for replication to work.
On the master server, use
p4 protect to grant the
super permission. Service users are tightly
restricted in the commands they can run, so granting them
super permission is safe. For example:
super group unlimited_timeout * //..."
grants the super permission to the group named unlimited_timeout.