Active Directory Manager
This module functions outside the realm of the normal permissions hierarchy. It can be viewed by any user with membership in Site Administrators, Security Administrators, or Dashboard Management site-level roles with no regard to permissions assigned to the tab on which the module is placed. For more information on the roles referenced in this section please see the role based security topic. Administrative users can configure additional module settings by clicking the button.
To verify changes have been saved or to view changes made by other users, click the button next to the dashboard drop down menu.
•SAM Account: The Security Account Manager account name used for Windows authentication.
•UPN: The User Principal Name of the user. A UPN looks like an email address and for many users their UPN and email are often the same.
•User Name: The display name of the user account.
•Enabled: If the user has a Site or Security Administrator role, they'll be able to toggle whether or not the user account is enabled or disabled.
•Expiration: The account expiration date for the user. When this field is set, that user account will be disabled upon the date set. If not set, the account is enabled indefinitely.
•Protected: This option is only visible to users with Site or Security Administrator roles. If this box is ticked, only Site or Security administrators will be able to add or remove that user from groups.
•Active Directory Group(s): These are the Active Directory groups available on the given domain and organizational units from the currently selected dashboard. If the group has not been marked as protected, ticking the checkbox will add or remove that user from the group.
•Add User (): This brings up a dialog for entering new user information. A randomized password will be generated and given to the user to change.
•Delete User (): This will prompt the user for confirmation, at which point the user will be deleted.
Clicking the Add User () button will bring up a dialog with the following fields for creating users:
•First Name: The first name of the user.
•Last Name: The last name of the user.
•Email Address: The email address of the user. The email suffix must be a domain registered with the active directory system.
•SAM Account Name: The SAM account name of the user. If the name is taken, the user should be prompted to specify a different name.
•Description: A short description of the user.
•Name: The display name of the Active Directory group.
•Description: A brief description of the group.
•Protected: This option is only visible to users with Site or Security Administrator roles. If this box is ticked, only Site or Security administrators will be able to add or remove users to that group, as well as edit or delete that group.
•Auto Enroll: If this option is ticked, new users created through this module will be automatically added to this group.
•Add Group (): This brings up a dialog for entering new group information. A randomized password will be generated and given to the user to change.
•Edit Group (): This brings up a dialog for editing group information.
•Delete Group (): This will prompt the user for confirmation, at which point the group will be deleted.
Clicking the Add Group () button will bring up a dialog with the following fields for creating groups:
•Group Name: The name of the group.
•Description: A short description of the group.
If the Edit Group () button is clicked, the same dialog will show up. However, changing the group name can have the potential to break logins using active directory, so a confirmation dialog will appear if you attempt to save those edits.
Copyright © 2023 pasUNITY, Inc.
Send comments on this topic.