Manage User Accounts

The Users page allows you to see and to interact with the users being managed by PMC.

To access the Users page, on the sidebar menu, click Users.

Each user in PMC must exist in your authentication provider. Each user is assigned a role, which determines what actions they are allowed to perform in the PMC portal and Privilege Management MMC snap-in.

The Users page in PMC.

You can perform the following tasks on the Users page:

  • Create a user
  • View the user details
  • Edit a user account
  • Disable a user account

Choose Users Columns to Display

Choosing the columns to display image

You can choose which columns to display in the grid.

To select which columns to display, at the top-right of the grid, click the Choose Columns to Display icon and select one or more columns to display.

The columns appear from left to right in the grid, in the order that you select them.

The following columns can be displayed:

  • Email Address: The email address for the user. Click to view the User Details page.
  • User Type: The user type for the user.
  • Assign Policy to Groups: The number of groups that the user can assign policy to. Click to view the list.
  • Edit Groups: The number of groups that the user can edit. Click to view the list.
  • View Groups: The number of groups that the user can view. Click to view the list.
  • Analyze Groups: The number of groups that the user can analyze and get reports for. Click to view the list.
  • Edit Policies: The number of policies that the user can edit. Click to view the list.
  • View Policies: The number of policies that the user can view. Click to view the list.
  • Last Logged In: The date and time when the user was last logged in to PMC.
  • Status: The current status of the user account.
  • Language: The language preference that is set for the user.

Create a User Account in PMC

Once the initial administrator account has been created and authorized, you can create additional user accounts in PMC with whichever roles are needed. You can also create future accounts with the Administrator role by following the same process outlined below.

 

The user needs to exist in your authorization provider before you add that user in PMC. Currently, Azure B2B and OpenID Connect are supported providers.

To create a user account:

  1. On the sidebar menu, click Users.
  2. At the top left of the grid, click Create User.

 

For more information about setting up a connection to Azure B2B, see Register an Azure Tenant. If you choose to configure OpenID Connect, see Configure OpenID Connect.

Set up the User Profile

  1. Choose whether you want to create the user from a blank user profile or base it on an existing user profile.
  2. To use an existing profile, select a user from the list, then proceed to the User Details section. Later, you can review the profile's Roles and Resources setup, or modify it as needed.
  3. In the User Profile section:
    • Enter the user's Email Address.
    • Select their Language.
    • Select their appropriate Time Zone.
    • Choose the Time & Date format.

Users can edit their user account preferences after their account is created. They can do this by clicking the User Account Profile icon at the top of any page. For more information, please see User Account Profile and Preferences.

While you may click Create User after this step, if you create a standard user account without assigning any resources, the user may log in to PMC, but will be greeted with a home page with a message indicating to contact their administrator, to be granted access to groups and policies to work in PMC. It is better to continue with the following steps and grant some access to the new user.

  1. Click Next: Roles and Resources.
  2. In the Roles and Resources section, select Standard User or Administrator.
    • When you select Administrator, the user can access and manage all areas of the system. Click Create User to complete the process.
    • When you select Standard User, the user can only access and manage resources that you identify in the next steps.

Assign Roles and Resources for a Standard User

  1. Below the User Profile section, click Next: Roles and Resources.
  2. Select Standard User. The Resources section appears below, with options to set for Computer Groups and Policies.
  3. Under Computer Groups, you can either select All Computer Groups, or make individual group and role selections.
    • If you select All Computer Groups, select one or more roles from the Computer Groups Role list. The user will have the role(s) across all existing and future computer groups.The View Groups role is automatically selected with any of the other options.
    • If you want to select individual groups and roles, check the boxes for the roles to associate with each group selected. You can shorten the list by selecting the Name filter option, and then typing into the Name box.
  4. Under Policies, you can either select All Policies, or make individual policy and role selections.
    • If you select All Policies, select one or more roles from the Policies Role list. The user will have the role(s) across all existing and future policies. The View Policies role is automatically selected with any of the other options.
    • If you want to select individual policies and roles, check the boxes for the roles to associate with each policy selected. You can shorten the list by selecting the Name filter option, and then typing into the Name box.
  5. To complete the process, click Create User.

Roles and Resources for an Administrator User

An administrator user does not require any additional setup for roles and resources, as this type of account can access and manage all areas of the system.

You can add a domain in the Configuration > Domain Settings page. For more information, please see Add a Domain.

Registration and User Confirmation

Once a user account has been created in PMC, an automated email response is sent to the user's email address that was provided during the creation process.

You've been invited to access applications

  1. Navigate to your email application and look for a Microsoft Invitation that will grant you access to PMC.
  2. Click the Get Started button in the email to be directed to the invitation landing page.
  3. Review permissions and click Accept to continue the process.
  4. Log in using your credentials.

 

Resend User Invites

An email invitation can be resent to a user that has not accepted their invite to the PMC Portal.

On the Users page, at the right of the user row to whom you want to resend the email invite to, click the vertical ellipsis icon, and then select Resend Email Invite.

There is no limit on how many times an invitation can be sent to a user.

 

View User Account Details

User Account Details panel

  1. On the sidebar menu, click Users.
  2. To the right of the user you want to view, click the vertical ellipsis icon, and then select View User Details. You can shorten the list by using the filter option, and then typing into the filter box. You can also click the email address of the user in the grid to access the panel.

    This section displays the details for the user under About User, Assigned Groups, and Policies headings. You can edit the details of the user here.

    At the top-right of User Details page, you can also click the vertical ellipsis menu icon and access other options for this user.

For more information, please see Edit User Account Properties.

Edit User Account Properties

  1. On the sidebar menu, click Users.
  2. To the right of the user you want to edit, click the vertical ellipsis icon, and then select Edit User. You can shorten the list by using the filter option, and then typing into the filter box. This section allows you to edit the details for the user. You can edit details such as the account name, email address, the time and date format, as well as the time zone. You can also edit roles and resources for the user.
  3. Click Save Changes.

After changing either the date/time format or the time zone, be sure to log out and back in again for the changes to take effect.

Disable a User Account

  1. On the sidebar menu, click Users.
  2. Locate the user account you want to disable. You can shorten the list by using the filter option, and then typing into the filter box..
  3. To the right of the user account you want to disable, click the vertical ellipsis icon, and then select Disable.
  4. You are prompted to confirm if you want to disable the user. To disable the user, click Disable User. You can enable the user again later, if required. The row flashes green to indicate that PMC has processed your request and the user is removed from the grid if you are using the default view.

To view users that are disabled, use the Disabled filter option and select Yes for filtering.

Enable a User Account

  1. On the sidebar menu, click Users.
  2. By default, disabled users are not shown. To view users that are disabled, at the top left, click the dropdown menu for the Disabled filter and select Yes.
  3. To the right of the user account you want to enable, click the vertical ellipsis icon, and then select Enable.
  4. The row briefly flashes green to indicate that PMC has processed your request and the user is now enabled.