Adding and editing user accounts

Use the Add User and Edit User dialog to create a new user account or to edit existing user accounts.

When creating or editing a user account you can:

• Determine the authentication type for the user account.
• Set the language in which WhatsUp Gold is displayed for the user account.
• Set and confirm the password when using internal authentication.
• Select the home device group.
• Set user rights.

You must have the Manage Users right to add or edit a user account.

Note: You do not need to add users that will be authenticating through an Active Directory server. When a user logs in to WhatsUp Gold using their Windows domain credentials for the first time, a user account is created for that user. They are added to the group that was mapped to the AD group of which the user account is a member.

Important: As new Active Directory users are automatically provisioned using LDAP, the Home Device Group setting for the Web Group mapped to the user's Active Directory group at the time of provisioning is set as the initial Home Device Group for the new user. The Home Device Group for the user is now maintained independently from the Home Device Group settings of any Web Groups to which the user is assigned.

To create or edit a user account:

1. From the WhatsUp Gold web interface, go to Admin > Users. The Manage Users dialog appears.
2. Click New. The Add User dialog appears.
3. Enter or select the appropriate information:
   • User name. Enter a unique name for the user account.

   Note: Once a user account has been added, this field will be unavailable for editing by the user. Only edits by a different user with "manager users" rights will be allowed to edit another account's user name.

   • Authentication type.
     • Internal. Select this option for internal authentication using a password entered on this dialog.
     • LDAP. Select this option for remote authentication using an LDAP server (other than an Active Directory server) configured on the LDAP credentials dialog.
     • Cisco ACS. Select this option for Cisco ACS server authentication.

   Note: When you select LDAP, the Internal password and Confirm password boxes are deactivated.

   Note: When a user is being edited that has authenticated through an Active Directory server, the Authentication type for that user will appear as Active Directory.

   • Internal password. If your Authentication type is Internal, enter the password to be used with the user account.
   • Confirm password. If your Authentication type is Internal, re-enter the password to be used with the user account.
   • Apply Account Lockout Policy. If your Authentication type is either Internal or Cisco ACS, select this option to provide the user with three successive log on attempts. After the third failed attempt, the user will be locked out of the system until a designated time period has expired. If you want to grant the user the ability to log on before the designated time period has elapsed, the user must contact the Administrator to unlock the account.

   Note: The Apply Single Session Policy is not compatible with the Ipswitch Dashboard Screen Manager stand-alone application. Please do not select this option if you're using the Dashboard Screen Manager.

   • Apply Single Session Policy. Select this option to allow the user to log on to the system once, and not allow multiple sessions running at the same time.
   • Apply Password Aging Policy. If your Authentication type is Internal, select this option to apply a password aging policy for the user. The user will be subject to a minimum number of days between password changes, password expiration after a given number of days, and a password history check to ensure a given number of previous passwords are not reused.
   • Apply Password Complexity Policy. If your Authentication type is Internal, select this option to apply a password complexity policy for the user. The complexity requirements are driven by the internal WhatsUp Gold password policy. The default minimum complex password requirement is one special character, one capital (upper case) letter, one lower case letter, and one number. The password must also not match a password stored in the dictionary.
   • Home device group. Enter the device group that will be used to provide information for monitoring and dashboard reports.
   • Member of. Select the user groups to which you want the user account to be a member. Groups must be added prior to adding a user to a group. For more information on adding user groups, see Adding and Editing user groups.

   Note: When you add a user account to a group it will inherit all of the rights assigned to that group.

   Tip: Select Show rights inherited from group membership + user rights to show the user rights the user will inherit from membership in the groups selected in the Member of box. The first column of check boxes in the User Rights list indicate the user rights acquired through group membership.

4. Select the User rights that you want to grant to the user account. For more information, see About User Rights.

   Note: If you grant the Manage Users right, the user account will acquire all user rights.

5. Click OK to save changes. The user account is added to the user account list on the Manage Users dialog

See Also Managing users and groups Managing user accounts and user groups About user rights Adding and editing user groups About device group access rights