To add a new user, do the following:
1. Log in to the Management Tool as a user with the administrative User Management permission.
2. Click the User Management navigation link to the left.
3. On the User Management page, click the Add User button in the top left.
4. On the Adding New User page that opens, on the User Type tab, select the type of the user to be added:
• Click the Add an Internal User button to create an internal application user.
• Click the Add an Active Directory User / User Group button to add an existing Windows user / user group.
NOTE: If an Active Directory user has already been added to two or more Active Directory user groups, this user cannot add themselves as an independent user of the Management Tool. Only other users with appropriate permissions can add them.
• Click the Add Application Account button to add an application account user.
5. On the User Details tab, do the following, and then click Next:
• For an internal user, define the user credentials and additional information about the user. Also, for internal users to receive an automatically generated one-time password, enter the user’s email address to which the one-time password will be sent.
NOTE: A user login name and password are required. The user login name must be unique. In Multi-Tenant mode, users of different tenants cannot have the same user login name. The password must be between 8 and 100 characters long, and contain at least one lowercase letter, one uppercase letter, one special character, and one digit. The password must contain no more than 3 identical characters in a row. The maximum length of the first name, last name, and description is 200 characters.
• For an Active Directory user / user group, search for and then select the required user / user group into the User/User group field.
NOTE: Active Directory users / user groups cannot be added if an LDAP target has not been added for the required domain on the Configuration page, or if there is no connection with the domain (the domain is unavailable).
• For an application account user, define the user credentials and additional information about the user.
6. On the User Groups tab, select the user groups that the user will belong to, and then click the Next button.
NOTE: To find a specific user group, enter its name or part of its name in the Contains search field at the top of the page, and then click the Apply Filters button on the right of it.
NOTE: The user is automatically added to the default All Users user group and cannot be removed from it.
7. On the Administrative Permissions tab, select the administrative permissions that will be granted to the user, and then click Next.
NOTE: If the user has inherited any permissions from user groups, you can only add new permissions. To remove permissions inherited from user groups, you need to remove the user from these groups.
8. On the Client Permissions tab, for each Client / Client group for which the permissions are to be defined, do the following::
• Find the required Client / Client group.
NOTE: To find a specific Client, enter its name in the Contains search field at the top of the page, and then click the Apply Filters button on the right of it.
• Click Edit Permissions on the right of the required Client / Client group, and in the the Client Permissions window that opens, select the Client permissions that will be granted to the user of the corresponding Client / Client group.
• Click Save to close the Client Permissions window.
9. Click the Finish button in the bottom right of the page.
10. The user is then added to and displayed on the User Management page.
NOTE: For Active Directory users, the first name and last name properties will be automatically filled after the user’s first login to the system.