p4 user

Create, edit, or delete Helix Server user specifications and preferences.

Syntax

p4 [g-opts] user [-f] [username]
p4 [g-opts] user -d [-f | -F] username

p4 [g-opts] user -o [username]
p4 [g-opts] user -i [-f]

Description

Use the p4 user command to edit these settings or to create new user records. (By default, new users are created automatically. After installing Helix Server, a Helix Server superuser can control this behavior with the p4 configure command.)

Types of Helix Server users:

standard users	standard users are the default each standard user consumes one Helix Server license
operator users	intended for system administrators can run only a limited subset of Helix Server commands does not consume a license
service users	intended for inter-server communication in replicated and multi-server environments restricted to an even smaller subset of Helix Server commands than operator users does not consume a license

When called without a username, p4 user edits the specification of the current user. When called with a username, the user specification is displayed, but cannot be changed. The form appears in the editor defined by the P4EDITOR environment variable.

Helix Server superusers can create new users or edit existing users' specifications with the -f (force) option: p4 user -f username.

Note that both the -f and -F options can be used to delete users, but the -F option has additional effects on protections and groups. See Options below.

The user who gives a Helix Server command is not necessarily the user under whose name the command runs. The user for any particular command is determined by the following:

If the user running the command is a Helix Server superuser, and uses the syntax p4 user -f username, user username is edited.
If the -u username option is used on the command line (for instance, p4 -u joe submit), the command runs as that user named "joe" (a password might be required).
If the above has not been done, but the file pointed to by the P4CONFIG environment variable contains a setting for P4USER, the command runs as that user.
If neither of the above has been done, but the P4USER environment variable has been set, the command runs as that user.
If none of the above apply, then the username is taken from the OS level USER or USERNAME environment variable.

Form Fields

Field Name	Type	Description
`User:`	Read-only	The Helix Server username under which `p4 user` was invoked. By default, this is the user’s system username. Be aware of the Limitations on characters in filenames and entities.
`Type:`	Read-only	Type of user: `standard`, `operator`, or `service`. Important Once you set the type, you cannot change it.
`AuthMethod:`	Writable	One of the following: `perforce` or `ldap`. This field can only be changed when the `-f` option is specified for the `p4 user` command. Specifying `perforce` enables authentication using Helix Server’s internal `db.user` table or by way of an authentication trigger. This is the default unless it is overridden with the `auth.default.method` configurable. Specifying `ldap` enables authentication against AD/LDAP servers specified by the currently active LDAP configurations.
`Email:`	Writable	The user’s email address. By default, this is `user@client`.
`Update:`	Read-only	The date and time this specification was last updated.
`Access:`	Read-only	The date and time this user last ran a Helix Server command.
`FullName:`	Writable	The user’s full name.
`JobView:`	Writable	A description of the jobs to appear automatically on all new changelists (see Usage Notes).
`Password:`	Writable	The user’s password (see Usage Notes ).
`PasswordChange:`	Read-only	The date and time of the user’s last password change. If the user has no password, this field is blank.
`Reviews:`	Writable List	A list of files the user would like to review (see Usage Notes). This field can include exclusionary mappings.

Options

`-d username`	Deletes the specified user. Only user `username`, or a Helix Server superuser, can run this command. If you have set `P4AUTH`, no warning will be given if you delete a user who has an open file or client.
`-f`	Superuser force option; allows the superuser to modify or delete the specified user, or to change the last modified date.
`-F`	Superuser option; used only with `-d`: forces the deletion of the specified user, and also removes the user from the protections table and from all groups. The command fails if removing the user from a group causes the group to be deleted. In such a case, delete the group before deleting the user.
`-i`	Read the user specification from standard input. The input must conform to the `p4 user` form’s format.
`-o`	Write the user specification to standard output.
`g-opts`	See Global Options.

Usage Notes

Can File Arguments Use Revision Specifier?	Can File Arguments Use Revision Range?	Minimal Access Level Required
N/A	N/A	`list`

The -d option can be used by non-superusers only to delete the user specification that invoked the p4 user command. Helix Server superusers can delete any Helix Server user.
User deletion fails if the specified user has any open files. Submit or revert these files before deleting users.
By default, user records are created without passwords, and any Helix Server user can impersonate another by setting P4USER or by using the globally available-u option. To prevent another user from impersonating you, set a password with the p4 passwd command.

Passwords can be created, edited, or changed in the p4 user form or by using the p4 passwd command. Setting your password in the p4 user form is only supported at security levels 0 or 1. You can p4 passwd to set passwords at any server security level, and you must use p4 passwd to set passwords at higher security levels. For more about how the various security levels work, see the Helix Core Server Administrator Guide: Fundamentals.

If you edit a password in the p4 user form, do not use the comment character # within the password; Helix Server interprets everything following that character on the same line as a comment, and does not store it as part of the password.

If the dm.user.resetpassword configurable has been set, all users created with passwords are required to reset their passwords before they can issue commands.
Passwords are displayed as six asterisks in the p4 user form regardless of their length.
If you are using ticket-based authentication (see p4 login for details), changing your password automatically invalidates all of your outstanding tickets.
The collected values of the Email: fields can be listed for each user with the p4 users command, and can used for any purpose.
The p4 reviews command, which is used by the Helix Server change review daemon, uses the values in the Reviews: field; when activated, it will send email to users whenever files they’ve subscribed to in the Reviews: field have changed. Files listed in this field must be specified in depot syntax; for example, if user joe has a Reviews: field value of
```
//depot/main/...
//depot/.../README
```
then the change review daemon sends joe email whenever any README file has been submitted, and whenever any file under //depot/main has been submitted.
There is a special setting for job review when used with the Helix Server change review daemon. If you include the value:
```
//depot/jobs
```
in your Reviews: field, you will receive email when jobs are changed.
If you set the Jobview: field to any valid jobview, jobs matching the jobview appear on any changelists created by this user. Jobs that are fixed by the changelist should be left in the changelist when it’s submitted with p4 submit; other jobs should be deleted from the form before submission.

For example, suppose the jobs at your site have a field called Owned-By:. If you set the Jobview: field on your p4 user form to Owned-By=yourname&status=open, all open jobs owned by you appear on all changelists you create. See p4 jobs for a full description of jobview usage and syntax.

Operators are intended for system administrators who, even though they have super or admin privileges, are responsible for the maintenance of the Perforce service, rather than the development of software or other assets versioned by the service. Operators can run only the following commands:

`p4 admin` `stop`	`p4 admin` `restart`	`p4 admin` `checkpoint`
`p4 admin` `journal`	`p4 counter`	`p4 counters`
`p4 dbstat`	`p4 dbverify`	`p4 diskspace`
`p4 configure`	p4 counter (including `-f`)	`p4 counters`
`p4 journaldbchecksums`	p4 jobs (including `-R`)	`p4 login`
`p4 logout`	`p4 logappend`	`p4 logparse`
`p4 logrotate`	`p4 logschema`	`p4 logstat`
`p4 logtail`	`p4 lockstat`	`p4 monitor`
`p4 passwd`	`p4 ping`	`p4 verify`
`p4 user`

Service users are used in replication environments, and can run only the following commands:

`p4 dbschema`	`p4 export`	`p4 login`
`p4 logout`	`p4 passwd`	`p4 info`
`p4 user`

Examples

`p4 user joe`	View the user specification of Helix Server user `joe`.
`p4 user`	Edit the user specification for the current Helix Server user.
`p4 user -d sammy`	Delete the user specification for the Helix Server user `sammy`, but has no effect on `sammy`'s workspace clients.
`p4 -u joe -P hey submit`	Run `p4 submit` as user `joe`, whose password is `hey`. This command does not work at higher security levels.
`p4 user -f joe2`	Create a new Helix Server user named `joe2` if the caller is a Helix Server superuser, and `joe2` does not already exist as a Helix Server user. If user `joe2` already exists, allow a Helix Server superuser to modify the user’s settings.

Related Commands

To view a list of all Helix Server users	`p4 users`
To change a user’s password	`p4 passwd`
To view a list of users who have subscribed to review particular files	`p4 reviews`
To control how new users are created by changing the `dm.user.noautocreate` configurable	`p4 configure`