Adding a network account

Before you begin

Next steps

To add users defined in a supported directory service as Security Manager administrators:

  1. Navigate to the page Global Settings > General > Administrators and click Add Network Account.
  2. In the field Search, enter keywords to search on to find the accounts to add as Security Manager administrators. By default, the search query already includes a wildcard so there is no need to include an asterisk (*) in a search.

    By default, the search context for your search is the default domain context from the Directory Service page (see Setting email notifications). To edit this context, click Refine search and enter a new search context. To revert to the default context, click Restore default.

    For users, the following attributes are searched in the selected context.
    • Active Directory: Email Address, Logon Name, and Display Name
    • Novell eDirectory, Oracle Directory Service, or Lotus Notes/Domino: Email, Display Name, Username, and Common Name (CN)

      For groups, the CN field is searched for all directory services.

    Search results display in the Search results list on the left-hand side. The search results list both users and groups that match the specified keywords, and that include both user name and email address in the directory service.

  3. To add a user or group as an administrator, mark the check box next to the account name in the Search results list, then click the right arrow (>) to add the account to the Selected accounts list.

    To remove a user from the Selected accounts list, mark the check box next to the account name, then click the left arrow (<).

  4. If certificate authentication is enabled on the page General > Two-Factor Auth (see Configuring two-factor authentication), click Certificate Authentication to upload or import the certificate used to authenticate the selected administrators during Security Manager logon.
    • Click Import from LDAP to import the certificate from your user directory.
    • Click Upload Certificate to browse to the location of the certificate and upload it.

    When the certificate has been imported or uploaded successfully, the certificate name, expiration date, issuer, and source information display in the Certificate Authentication section of the page.

  5. Once you have added one or more accounts to the Selected accounts list, mark the check box to indicate whether to Notify administrator of the new account via email.

    To send administrator emails, you must set up SMTP details on the Notifications page. You can also customize the contents of the email message on the Notifications page (see Setting email notifications).

  6. Next, select the access permissions for the new administrators.
    • Mark the check box Global Security Administrator to create an administrator with full permissions across all Security Manager modules.
      Note: Only Global Security Administrators can create other Global Security Administrators.
    • If the accounts are not Global Security Administrators, in the section Module Access Permissions, select permissions for the new administrators.
    • Choose a setting under each of the available options (Web, Data, Email) to give the new administrator permissions to manage one or more Security Manager modules. The options available depend on the modules in your subscription.

      For each module, choose whether the new administrator has:

      • No access to that module
      • Only access to the module
      • Both access and the ability to manage other administrators in that module For more information see Security Manager administrators.
      Note: Administrators can assign access permissions only for the Security Manager modules for which they have management permissions.
  7. After configuring administrator accounts, click OK. The settings are saved.