Creating system groups and users

RICOH ProcessDirector requires several user groups and IDs on the primary computer to operate correctly. The installation program can create the user groups and IDs or you can create them in advance.

It is easiest to let the installer create the user groups and IDs using the default values. If the default names do not comply with user and group naming rules in your environment, you can choose different names and enter them in the installer when requested. The groups and users are created using the specified names as local system users and groups.

If you prefer to create the groups and users in advance (using either the default names or names that you specify), the installation program can find and use them. Create those groups and users according to the descriptions below and enter their names in the installation program when asked.

If you plan to install any Secondary Server features on Linux computers, you must create some groups and users on both the primary computer and secondary computers. The groups and users on the secondary computers must be identical to those on the primary computer.

    Note:
  • All Linux operating system user IDs and group names must be 1-8 characters because of a restriction in DB2. You cannot create a user ID that includes international characters (such as á, É, î, ñ, ô, ß) or double-byte characters. This limitation only applies if you use DB2 as your database.

Required groups

RICOH ProcessDirector requires these groups on the primary computer:

RICOH ProcessDirector group
The group that controls access to the RICOH ProcessDirector data directory. Members of this group can access the /aiw/aiw1 file system. This is the default or primary group for the RICOH ProcessDirector system user.

The default name for the group is aiwgrp1.

Print queue group
The group used for all users and applications that send jobs to printers. On some platforms, this is a system group that is created when the operating system is installed, but not on others. For example, this group is created when you install SLES, but not when you install Red Hat Linux.

The name for this group must be printq. You cannot create a group with a different name and have RICOH ProcessDirector use it. If the installer does not find a group named printq, it creates one.

PostgreSQL database group
The group used to give access to the PostgreSQL database that RICOH ProcessDirector installs in a Docker container. This group is created when you install Docker Engine.

The default name for the group is docker.

When you install RICOH ProcessDirector, the RICOH ProcessDirector system user is added to this group.

This group is only required if you use PostgreSQL installed with RICOH ProcessDirector as your database and you are using Docker.

DB2 database group
The group used to give members DB2 sysadm authority for database operation. This is the default or primary group for the RICOH ProcessDirector instance user and for the Database client user (if needed).

The default name for the group is aiwdbgrp.

If you plan to use a DB2 server installed on a different computer with RICOH ProcessDirector, this group is created while running the script setupRemoteDB2.sh on the computer that DB2 is installed on and also on the computer that RICOH ProcessDirector is installed on.

This group is only required if you use IBM DB2 as the RICOH ProcessDirector database.

DB2 database fenced group
The internal group required by DB2; the default or primary group for the fenced user.

The default name for the group is aiwdbfgp.

If you plan to use a DB2 server installed on a different computer with RICOH ProcessDirector, this group is created during the installation on the computer that DB2 is installed on.

This group is only required if you use IBM DB2 as the RICOH ProcessDirector database.

RICOH ProcessDirector also requires the RICOH ProcessDirector group and print queue group on any secondary computers.

Required users

RICOH ProcessDirector requires these users on the primary computer:

RICOH ProcessDirector system user
The user ID that RICOH ProcessDirector runs under. This user must have the RICOH ProcessDirector group set as its default or primary group. It must also be a member of the Print queue group and the DB2 database or PostgreSQL database group (if you use the PostgreSQL database installed with RICOH ProcessDirector). You can use the default values for the other user properties.

The default system user ID is aiw1.

DB2 instance user
The user ID that the RICOH ProcessDirector DB2 database instance runs under. This user must have its default or primary group set to the DB2 database group. It must also be a member of the RICOH ProcessDirector group. You can use the default values for the other user properties.

The default DB2 instance user ID is aiwinst.

If you plan to use a DB2 server installed on a different computer, this user is created on the computer that DB2 is installed on.

DB2 fenced user
A second user ID that DB2 requires when you create an instance. This user must be a member of the DB2 database fenced group. You can use the default values for the other user properties.

The default DB2 fenced user ID is aiwdbfid.

If you plan to use a DB2 server installed on a different computer, this user is created on the computer that DB2 is installed on.

DB2 database client user
The user ID that the DB2 client uses. This user is only required if you install a DB2 server on a different computer and the DB2 client on the same computer as RICOH ProcessDirector. This user must have its primary or default group set to the DB2 database group. You can use the default values for the other user properties.

The default DB2 database client user ID is aiwclnt.

RICOH ProcessDirector also requires the RICOH ProcessDirector system user on any secondary computers.

    Note:
  • If you set up passwords with expiration rules for these user IDs, you must administer those IDs as needed. If you do not change the passwords as needed and they expire, RICOH ProcessDirector stops working.

RICOH Transform features users and groups

One additional group and two additional users are required if you install any of these RICOH Transform features:

  • Ricoh AFP to PDF
  • Ricoh PCL to AFP
  • Ricoh PostScript/PDF to AFP
  • Ricoh SAP to AFP
The default users are ipsitm and ipsejz; the default group is itm. The Advanced Transform feature does not require these users and group.

    Important:
  • Do not make either RICOH Transform features user ID the same as the RICOH ProcessDirector user ID. For example, if the RICOH ProcessDirector user ID is aiw1, do not enter aiw1 for either Transform feature user ID.