Managing Users

assembly-managing-users_server_administration_guide

From the Admin Console, you have a wide range of actions you can perform to manage users.

Creating users

You create users in the realm where you intend to have applications needed by those users. Avoid creating users in the master realm, which is only intended for creating other realms.

Prerequisite

• You are in a realm other than the master realm.

Procedure

1. Click Users in the menu.
2. Click Add User.
3. Enter the details for the new user.

!!!note Username is the only required field.

1. Click Save. After saving the details, the Management page for the new user is displayed.

Defining user credentials

You can manage credentials of a user in the Credentials tab.

You change the priority of credentials by dragging and dropping rows. The new order determines the priority of the credentials for that user. The topmost credential has the highest priority. The priority determines which credential is displayed first after a user logs in.

Type - This column displays the type of credential, for example password or OTP .

User Label - This is an assignable label to recognize the credential when presented as a selection option during login. It can be set to any value to describe the credential.

Data - This is the non-confidential technical information about the credential. It is hidden, by default. You can click Show data...​ to display the data for a credential.

Actions - Click Reset password to change the password for the user and Delete to remove the credential.

You cannot configure other types of credentials for a specific user in the Admin Console; that task is the user’s responsibility.

You can delete the credentials of a user in the event a user loses an OTP device or if credentials have been compromised. You can only delete credentials of a user in the Credentials tab.

Setting a password for a user

If a user does not have a password, or if the password has been deleted, the Set Password section is displayed. If a user already has a password, it can be reset in the Reset Password section.

Procedure

1. Click Users in the menu. The Users page is displayed.

2. Select a user.

3. Click the Credentials tab.

4. Type a new password in the Set Password section.

5. Click Set Password.

Requesting a user reset a password

You can also request that the user reset the password.

Procedure

1. Click Users in the menu. The Users page is displayed.
2. Select a user.
3. Click the Credentials tab.
4. Click Credential Reset.
5. Select Update Password from the list.
6. Click Send Email. The sent email contains a link that directs the user to the Update Password window.
7. Optionally, you can set the validity of the email link. This is set to the default preset in the Tokens tab in Realm Settings.

Creating an OTP

If OTP is conditional in your realm, the user must navigate to SafeNet Access Exchange Account Console to reconfigure a new OTP generator. If OTP is required, then the user must reconfigure a new OTP generator when logging in.

Alternatively, you can send an email to the user that requests the user reset the OTP generator. The following procedure also applies if the user already has an OTP credential.

Prerequisite

• You are logged in to the appropriate realm.

Procedure

1. Click Users in the main menu. The Users page is displayed.
2. Select a user.
3. Click the Credentials tab.
4. Click Credential Reset.
5. Set Reset Actions to Configure OTP.
6. Click Send Email. The sent email contains a link that directs the user to the OTP setup page.

Configuring user attributes

User attributes provide a customized experience for each user. You can create a personalized identity for each user in the console by configuring user attributes.

Prerequisite

• You are in the realm where the user exists.

Procedure

1. Click Users in the menu.

2. Select a user to manage.

3. Click the Attributes tab.

4. Enter the attribute name in the Key field.

5. Enter the attribute value in the Value field.

6. Click Save.