• State Verified Answer
  • Replies 2 replies
  • Subscribers 95 subscribers
  • Views 235 views
  • Users 0 members are here
Options
Related

Restrict Specific AD Users from Logging into One Identity Manager

Volkan Ceylan
1 month ago

Hello,

We are using One Identity Manager version 9.3.

Currently, all identities with an Active Directory account for the relevant domains are able to log in to One Identity Manager such as LaunchPad.

Is there a way to restrict access so that only specific identities are allowed to log in to One Identity Manager?

Best Regards,

Volkan Ceylan

Parents
  • +1 1 month ago

    Based on the assumption that you use a role-based authentifier, all users can access Manager, Analyzer, and Launchpad via the Application Role Base roles\Everyone (Change). To be precise, the permission group VI_4_ALLUSER permits you via the assigned program function ApplicationStart_LaunchPad.

    A solution would be to create a copy of the permission group, do not assign the program function, and assign the copy to the Application Role.

    In addition, you need to ensure that the users who need to access Launchpad get the program function assigned via a different application role.

Reply
  • +1 1 month ago

    Based on the assumption that you use a role-based authentifier, all users can access Manager, Analyzer, and Launchpad via the Application Role Base roles\Everyone (Change). To be precise, the permission group VI_4_ALLUSER permits you via the assigned program function ApplicationStart_LaunchPad.

    A solution would be to create a copy of the permission group, do not assign the program function, and assign the copy to the Application Role.

    In addition, you need to ensure that the users who need to access Launchpad get the program function assigned via a different application role.

Children