Manage User Accounts

Each user in PMC must exist in your authentication provider. Each user is assigned a role which determines what actions they are allowed to perform in the PMC portal and Privilege Management MMC snap-in.

The Users page in PMC.

Create a User Account in Privilege Management Console

Once the initial administrator account has been created and authorized, you can create additional user accounts in PMC with whichever roles are needed. You can also create future accounts with the Administrator role by following the same process outlined below.

 

The user needs to exist in your authorization provider before you add that user in PMC. Currently, ADFS and Azure AD are supported providers. For more information about setting up a connection to Azure AD, please see Register an Azure Tenant.

Create a User Account

This workflow has been tested and is supported by Azure AD. Other providers may work, but have not yet been tested.

  1. Select Users from the sidebar menu, and then select User Management.
  2. Click Create User at the top of the grid.

Click Create User at the top of the grid.

  1. Enter your email address.

    For Active Directory Federation Services (ADFS) this must take the form:

    <username>@<ADFS Domain>.com

    For Azure AD this must take the form:

    <username>@<tenantname>.onmicrosoft.com

Fill in the fields to create a new user.

  1. Enter the user's information into the fields in the Create User box that appears on the new page.
    • Enter the user's Email Address.
    • Select a Role for the new user.
    • Choose the Time & Date format for the new user and their appropriate Time Zone from the dropdown menu.
  1. Click Create User to create your user.

 

You can add a domain in the Configuration > Domain Settings page.

For more information, please see Add a Domain.

Registration and User Confirmation

Once a user account has been created in PMC, an automated email reponse should be sent to the user's email address that was provided during the creation process.

You've been invited to access applications

  1. Navigate to your email application and look for a Microsoft Invitation that will grant you access to PMC.
  1. Click the Get Started button in the email to be directed to the invitation landing page.
  2. Review permissions and click Accept to continue the process.
  3. Log in using your credentials.

 

Resend User Invites

An email invitation can be resent to a user that has not accepted their invite to the PMC Portal.

Click Resend Email Invite to resend the email invitation.

  1. From the Users page, find the corresponding user in the list of emails.
  2. Click the vertical ellipsis icon to open a dropdown list of actions.
  3. Select Resend Email Invite.

There is no limit on how many times an invitation can be sent to a user.

 

View Details of a User Account

  1. Select Users from the sidebar menu, and then select User Management.
  2. Find the appropriate user in the list and click the vertical ellipsis icon. From the dropdown menu, select View User Details. This section shows you the details for the user. You can also edit the details of the user here.

For more information, please see Edit Properties of a User Account.

Edit Properties of a User Account

  1. Select Users from the sidebar menu, and then select User Management.
  2. Find the appropriate user in the list and click the vertical ellipsis icon. From the dropdown menu, select View User Details.
  3. Click Edit User. This section allows you to edit the details for the user. You can edit details such as the account name, email address, the time and date format, as well as the time zone.
  4. Click Save User to save your changes.

After changing either the date/time format or the time zone, be sure to log out and back in again for the changes to take effect.

Assign Roles to a User Account

  1. Select Users from the sidebar menu, and then click User Management.

For an overview of the roles and a comparison of their access levels, click User Roles.

  1. Find the user you want to assign a new role to, and then click the vertical ellipsis icon at the end of the row. Select View User Details.
  2. At the top of the grid, click Edit User.
  3. Select the appropriate role for the user from the dropdown menu under Role.
  4. Click Save User to save your changes.

Disable a User Account

  1. Select Users from the sidebar menu, and then select User Management.
  2. Find the appropriate user in the list and click the vertical ellipsis icon. From the dropdown menu, select Disable.
  3. You are prompted to confirm if you want to disable the user. Click Disable Anyway to disable the user; otherwise, click Cancel. You can enable the user again later, if required. The row flashes green to indicate that PMC has processed your request and the user is removed from the grid if you are using the default view.

To view users that are disabled, click the dropdown menu for the Disabled column of the Users grid and select Yes.

For more information, please see Enable a User Account.

Enable a User Account

Disabled users are not shown by default. To view users that are disabled, click the dropdown menu for the Disabled column of the Users grid and select Yes.

  1. Select Users from the sidebar menu, and then select User Management.
  2. Find the appropriate user in the list and click the vertical ellipsis icon. From the dropdown menu, select Enable.
  3. The row briefly flashes green to indicate that PMC has processed your request and the user is now enabled.