User Administration How to guide

From Swivel Knowledgebase
Revision as of 12:43, 13 October 2014 by Gfield (talk)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Overview

This guide covers User Administration in PINsafe.


User Administration Viewing Users

On large installations with many users only the required users will be visible, and is defined by selecting the filters, the following options are available:

Max No. Users: The number of users to display, default 500, also displayed is (x users in this repository). Note this is not the maximum number of users that Swivel can read, but only the number that is displayed at any one time.

Users per page: Number of users to display per page, default 50

Repository: The repository that the users reside in (Note: Helpdesk users may be restricted to only view the repository for which they are a member of)

State: View users with a particular state, options are

  • All
  • Active
  • Inactive
  • Locked
  • Disabled
  • Deleted

'Username: Enter a username or partial name, options for filtering are Contains and Starts With

Members of group: Select the required group to view

View: View a users according to:

  • Rights, their PINsafe rights from Admin, Helpdesk, Single, Dual, Mobile Client, PINless
  • Group, their PINsafe Group membership
  • transports, the transport associated with each user for Security Strings and Alerts

User Set: View the users by their repository source or their Database status


PINsafe 3.8 User Administration.jpg


Filter, Purge, Undelete, Import and User Sync functions

Search Apply filters

Reset Reset the filters

Purge Remove deleted accounts

Undelete Reinstate deleted accounts

Import

User Sync The User Sync button reads the user repository, and imports the required information into the PINsafe Database. When changes are made to users, a synchronisation may be required. Synchronisation is usually set to periodically occur by the PINsafe admin


User Management

Each user can be managed by clicking on the Username

PINsafe 3.8 User Administration User Management.jpg


Edit This is available for local XML repositoties where user information can be entered. This option is not available when an external repository such as Active Directory is used, as the information must be changed at the data source.

Policy The Policy applied to the user

Reset PIN Set the PIN for the user, see also Resend

Reset Password Set the Password for a user. Do not use this function unless passwords are to be explicitly used.

View Strings View the Security Strings for a user

Send String Send the user a new security string by their transport method (email, sms)

Resend Send the user a new PIN number, the PIN number is not revealed to the helpdesk or admin user.

Reprovision Send a device provision code to the user to provision a mobile phone client, see Mobile Provision Code

Lock Lock a user account.

Delete Delete an account, This option is not available when an external repository such as Active Directory is used, as the information must be changed at the data source.

History View historical information related to the account


User Status

User Status can be viewed through the Status page where users can be selected or from the User Administration page and appropriately filtered.

  • Active Users appear without any emphasis
  • Deleted users are Scored through, see also Delete a Swivel user
  • Locked users are Bold (through failed login attempts or ChangePIN after first login), see Unlock an Account
  • Disabled users are Italic (either from User Administration or due to disabled in data source)
  • Inactive (Expired) users are Underlined, see Unlock an Account
  • Users marked with a * have been edited but not had a user sync

PINsafe 37 User Administration Deleted Disabled Expired Pin Expired User Locked users.JPG


Known Issues

The Inactive underline on accounts masks the Marked as deleted status in the Administration Console. To view such users either select the State Deleted from the User Administration console or Deleted user accounts from the Status page, the listed users are marked as deleted if the status shows them to be inactive.