Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Additional Configuration

Managing Users

search

Please Note:

printsuggest an edit

Managing Users

copy link to clipboardassembly-managing-users_server_administration_guide

From the Admin Console, you have a wide range of actions you can perform to manage users.

copy link to clipboardCreating users

You create users in the realm where you intend to have applications needed by those users. Avoid creating users in the master realm, which is only intended for creating other realms.

Prerequisite

  • You are in a realm other than the master realm.

Procedure

  1. Click Users in the menu.
  2. Click Add User.
  3. Enter the details for the new user.

!!!note Username is the only required field.

  1. Click Save. After saving the details, the Management page for the new user is displayed.

copy link to clipboardDefining user credentials

You can manage credentials of a user in the Credentials tab.

alt_text

You change the priority of credentials by dragging and dropping rows. The new order determines the priority of the credentials for that user. The topmost credential has the highest priority. The priority determines which credential is displayed first after a user logs in.

Type - This column displays the type of credential, for example password or OTP .

User Label - This is an assignable label to recognize the credential when presented as a selection option during login. It can be set to any value to describe the credential.

Data - This is the non-confidential technical information about the credential. It is hidden, by default. You can click Show data...​ to display the data for a credential.

Actions - Click Reset password to change the password for the user and Delete to remove the credential.

You cannot configure other types of credentials for a specific user in the Admin Console; that task is the user’s responsibility.

You can delete the credentials of a user in the event a user loses an OTP device or if credentials have been compromised. You can only delete credentials of a user in the Credentials tab.

copy link to clipboardSetting a password for a user

If a user does not have a password, or if the password has been deleted, the Set Password section is displayed. If a user already has a password, it can be reset in the Reset Password section.

Procedure

  1. Click Users in the menu. The Users page is displayed.

  2. Select a user.

  3. Click the Credentials tab.

  4. Type a new password in the Set Password section.

  5. Click Set Password.

Note

If Temporary is ON, the user must change the password at the first login. To allow users to keep the password supplied, set Temporary to OFF. The user must click Set Password to change the password.

copy link to clipboardRequesting a user reset a password

You can also request that the user reset the password.

Procedure

  1. Click Users in the menu. The Users page is displayed.
  2. Select a user.
  3. Click the Credentials tab.
  4. Click Credential Reset.
  5. Select Update Password from the list.
  6. Click Send Email. The sent email contains a link that directs the user to the Update Password window.
  7. Optionally, you can set the validity of the email link. This is set to the default preset in the Tokens tab in Realm Settings.

copy link to clipboardCreating an OTP

If OTP is conditional in your realm, the user must navigate to SafeNet Access Exchange Account Console to reconfigure a new OTP generator. If OTP is required, then the user must reconfigure a new OTP generator when logging in.

Alternatively, you can send an email to the user that requests the user reset the OTP generator. The following procedure also applies if the user already has an OTP credential.

Prerequisite

  • You are logged in to the appropriate realm.

Procedure

  1. Click Users in the main menu. The Users page is displayed.
  2. Select a user.
  3. Click the Credentials tab.
  4. Click Credential Reset.
  5. Set Reset Actions to Configure OTP.
  6. Click Send Email. The sent email contains a link that directs the user to the OTP setup page.

copy link to clipboardConfiguring user attributes

User attributes provide a customized experience for each user. You can create a personalized identity for each user in the console by configuring user attributes.

alt_text

Prerequisite

  • You are in the realm where the user exists.

Procedure

  1. Click Users in the menu.

  2. Select a user to manage.

  3. Click the Attributes tab.

  4. Enter the attribute name in the Key field.

  5. Enter the attribute value in the Value field.

  6. Click Save.

On this page