User Management is the process of creating and maintaining a user store. User management establishes a user’s authorization to access secure resources, it also serves as a repository of identities and is the source of all identities in an organization. Access control is applied to regulate who can view or use resources in a particular environment.
- The user created at the First time UI stage will be the Cluster Administrator.
- A Cluster Administrator is the Super Administrator and will manage all the scopes that fall under the Cluster.
- The user roles are assigned and managed by Cluster Administrators across all the scopes.
- Times Group has multiple subsidiaries that are managed by them such as Times Music, Times Internet, Times Business Solutions etc.
- In this case, a DNIF Deployment Scenario could be Time Group as a cluster and the various subsidiaries as various scopes within the Times Group cluster.
How to view Managed Users?
Hover on the Administrator (lock) icon on the left navigation panel and select Manage Users, the following page will be displayed.
The above page displays the following details.
|Organization/User Name||Displays the Organization /Username of the added user|
|Email id||Displays the email address of the user|
|Created on||Displays the date and time when the user was created.|
|Last Login||Displays the date and time when this user last logged in.|
|Click this to view the details of the user activity along with the following details, you can click on each row to view the details of the user activity.
|Click this to refresh the user list|
|Click this to search for a particular user|
|Click this to add a new user|
How to add a New User?
- Hover on the Administration icon on the left navigation bar of the Home screen, from the options displayed select Manage User, the following screen will be displayed.
- Click plus icon on the top right corner of the screen to add a User.
- The Users / Add User screen displays the following fields:
|Full name||Enter the full name of the user to be added|
|Organization||Select the organization of the User|
|Email Id||Enter the email id of the User|
|Phone Number||Enter the contact details of the User|
|Is Cluster Administrator?||Select Yes, to add this user as a Cluster Admin. If No, the User will be assigned privileges based on the Roles assigned.|
|Manage Access||You can assign roles to this added user. Refer below How to Assign Roles to User?|
- Enter / Select all the above details and click Invite. You will receive an invitation in your inbox, click the link and set the password for login. On successful login, you will be listed on the user list page.
How to Assign Roles to a User?
- Once the user details are entered, Cluster Admin can assign roles from the Manage Access section.
The first column displays the cluster name and the roles. The second column onwards are the different Scopes and their roles within that cluster
You can assign the following roles to users.
|Administrator||Users with Administrator access rights will be able to access all the pages except the following:
Note: If Administrator is also Cluster Admin then will have access to all pages.
|Cluster Admin||Users with Cluster Admin access rights will be have complete access including the following:
|Security Engineer||Users with Security Engineer access rights will be able to do the following:
|Security Analyst||Users with Security Analyst access rights will be able to do the following:
By default, Scope level roles are automatically assigned on assigning a cluster level role for the user.
Select Custom option at the cluster level to assign varied roles at Scope level.
Once the roles are defined click Invite at the top right corner of the page to send an invite to the user.
How to edit/delete a User?
- To edit/delete the User details, click the required User from the list.
- Validate the User details and click the Edit or Delete icon on the top right corner of the screen, to edit or delete the User details respectively.
How to reset a user password?
- To reset the password of the User, click on the required user from the list. The following screen is displayed.
- Click the Reset Password button, a pop-up window will be displayed.
- Click Reset to receive a reset password link in your inbox, click the link and reset the password to login.
Audit trail monitors and logs user activity in a system. Audit trail logs can be downloaded and included as evidence in an investigation, or analyzed when troubleshooting an issue. As an administrator, you can download the user audit trail in CSV format.
- Click Audit Trail on the top right corner of the screen to view audit logs.
- The Console Audit Trail screen displays the following fields:
|Created on||Timestamp when the activity was performed|
|Source||Displays the Source IP address from where the activity was performed|
|Action||Details of the activity performed|
|User||Username of the user that performed the action|
|Downloads the report in CSV format|