1.9 Managing users
You can add, edit, and otherwise manage the user accounts used to log in to JP1/AO. You can also lock user accounts. You must have User Management permission to perform most user management operations. More than one user can have User Management permission.
You can also manage users by linking with the authentication function of JP1/Base and Active Directory.
User management in JP1/AO involves the following:
- Adding users
Add the user accounts used to log in to JP1/AO.
- Editing user information
A user with User Management permission can edit the profiles of all users. Users without this permission can only edit their own profile.
- Changing passwords
A user with User Management permission can change the passwords of all users. Users without this permission can only change their own password.
You can set password criteria, such as minimum length and complexity, in the security definition file (security.conf).
- Changing User Management permissions
You can control who can manage users in JP1/AO by assigning or revoking User Management permission.
If you change the permission of a logged-user, the original permissions remain in effect for the duration of the login session. The system administrator must instruct any such users to immediately log out and log back in.
However, if the user opens a dialog box (User Management, User Profile, Service Definition, Submit Service, Service Details, Task Details, or Response Input) in a new browser window, the latest permissions for that user apply in the new browser window.
- Locking and unlocking user accounts
You can lock a user account to prevent the user from performing operations in JP1/AO. You can also unlock user accounts.
If you lock the account of a logged-in user, that user will be unable to perform any further operations in JP1/AO.
A logged-in user cannot lock his or her own account. The account of a user who fails to log in a specified number of times in succession is automatically locked. If all user accounts have been locked, you must use a command to unlock them.
You cannot lock or unlock the account of a user who logs in using external authentication.
- Deleting users
You can delete a user account added to JP1/AO.
- Important
-
-
Simply adding a user account is not sufficient to allow the user to manage or submit services. You must also perform the following tasks:
• Add the user to a user group
• Assign service groups to the user group
-
When external authentication linkage is enabled, the user account (user ID and password) must consist of characters that are valid for both the external authentication server and JP1/AO.
-
- Tip
-
User IDs are not case sensitive. Passwords are case sensitive.
- Organization of this section