Skip to main content

Users

The user profile includes the information about users from Active Directory (AD) and user settings in the Axidian system.

  1. In the Management Console sidebar, open the Users section.

  2. In the Name field, enter the username, part of the name, or UserPrincipalName (UPN, username in email address format, such as username@domain.com).

  3. In the Container field, select the search location.

    It can be the entire container or a specific organizational unit. If you leave the Name field empty, the search results will display all users in the selected container.

  4. Click Search.

The window displays the list of users that match the search criteria.

View general information

  1. Locate a user.
  2. To open the user profile, click the name of the user.
  3. Click the General information tab to view the following information:
    • From Active Directory:
      • Photo: The jpegPhoto or thumbnailPhoto attributes. If the attributes are empty, a placeholder is used.
      • Account: The userPrincipalName attribute.
      • Email: The mail attribute.
      • Phone: The telephoneNumber attribute.
      • Path: The location in Active Directory.
    • From Axidian Access:
      • Policy: The name of the policy that applies to a user. To go to the policy card, click the policy name.
      • Applications count: The number of applications available to a user.
      • Authenticators count: The total number of authenticators registered for a user.
      • Events: Five most recent events related to a user. To view all events related to a user, click All user events.

Adding users to a policy

To apply policy settings to a user, you need to add this user to the policy scope. For more information, see the Policies section.

View application information

If a user is within the scope of more than one policy, they have access to all applications and modules added to these policies. To learn more about how to manage policies in Management Console, see the Policies section.

To view the list of applications and modules available to a user:

  1. In the user profile, go to the Applications tab.
  2. The opened window displays a table with a list of applications and modules available to a user.
  3. To view more detailed information about authentication methods configured for a module or application, click its name.

Configure data caching

You can enable data caching for a user on the local computer for the Windows Logon component and applications integrated with the Enterprise Single Sign-On module. Data caching allows logging in to the system using the authenticator even without physical network connection. For more information about enabling this setting, see the User data caching section.

Configure authenticators

In the user profile, you can manage authenticator settings for a user. For more information, see Authenticators.

View login history

In the user profile, you can view the history of user logins to Access Manager modules. Also, you can export this information to a file in the CSV, XLSX, or PDF formats.

To view the user login history:

  1. In the user profile, go to the Sign in history tab.
  2. If required, set the following search filters:
    • Specify the start and end dates of the period for which you want to view the login history.
    • Select an application or a module.
    • Select the type of authenticator used for login.
    • Select the event state: Successful sign in, Failed to sign in, or Not set.
  3. Click Apply.
  4. To export the login history, click Export and select the file format. The supported formats are CSV, XLSX, and PDF.

View licenses

For all users who are included in access policies, licenses are registered automatically. The license is assigned to a user after successful authentication in the corresponding module.

To view the licenses available to a user, go to the Licenses tab in the user profile.

Assign a role

In Access Manager, you can assign the following roles to a user: global administrator, operator, or inspector. Each role has individual set of rights.

To assign a role:

  1. In the Management Console sidebar, open the Configuration section.
  2. Go to the Global administrators tab.
  3. Click Add and select the required role.
  4. In the Name field, enter the username, part of the name, or UPN.
  5. In the Object type field, select the type:
    • User
    • Group
  6. In the Location field, select the object location. It can be the entire user catalog or a separate container. If you leave the Name field empty, the search results will display all objects of the specified type in the selected location.
  7. Select an object.
  8. Click Add.

The user with the assigned role appears in the list on the Global administrators tab.

You can also assign a role to a user within a single policy.