![[AIX Solaris HP-UX Linux Windows]](../images/dist.gif)
Managing profiles for nonroot users
The nonroot user can receive permissions for files and directories so that the nonroot user can create a profile.
Before you begin
This task assumes a basic familiarity with the manageprofiles command, the Profile Management Tool, and system commands.
This task uses the following terms:
Remember: An ease-of-use limitation exists for nonroot users
who create profiles. Mechanisms within the Profile Management Tool that suggest unique
names and port values are disabled for nonroot users. The nonroot
user must change the default field values in the Profile Management Tool for the profile
name, node name, cell name, and port assignments.
Consider assigning nonroot users a range of values for each of the
fields. You can assign responsibility to the nonroot users for adhering
to their assigned value ranges and for maintaining the integrity of
their own definitions.

![[Windows]](../images/windows.gif)
Note: When creating a new profile, you can umask to 002 and then run the
manageprofiles command to give group users the appropriate permissions.
About this task
Nonroot users might typically need these tasks completed so that they can start their own application servers in development environments. For instance, an application developer might test an application on an application server in a profile assigned to that application developer.
Procedure
Results
Depending on the tasks that the installer followed, the
installer has completed the following actions:
Note: Connections to the Derby database might not work, and
you might see errors like the following in the logs:
java.io.FileNotFoundException: C:\Program Files\IBM\WebSphere\AppServer\derby\derby.log (Access is denied.)
This can happen when files under app_server_root are
read-only. You can configure Derby to write its log to another location
by setting the following property in the app_server_root/derby/derby.properties file# This property can be set to make Derby log to System.err. This is useful if you
# do not have write permission to the default location:
/opt/wasprofile/derby/derby.log derby.stream.error.field=java.lang.System.err
What to do next
Depending on the tasks that the installer completes, a nonroot user can create a profile, start WebSphere Application Server, or do both.