Creating and Managing Users


This section shows how to manage the different types of ordinary users: internal users within an OU, external users imported from another OU, and LDAP users.

Creating User

Creating an Internal User

You can create an internal user that natively belongs to an OU with the following steps.

  1. In the EnOS Management Console, click IAM > User from the left navigation menu.

  2. In the Internal User tab, Click New User.

  3. In the Basic Information section, provide the basic information of the new user and click Next.

    • Send By: You can choose to send the password to the owner of the user account via phone, email, or other secure offline approaches.

Adding an External User

You can add and authorize a user from another OU using the following steps.

Adding an External User

Adding an user from another OU

  1. In the EnOS Management Console, click IAM > User from the left navigation menu.

  2. In the External User tab, Click Import User.

  3. In the pop-up window, enter the full username of the external user. If the name is correct, the detailed information of the user will be displayed in the dialog. Click Confirm to proceed.

  4. Click Next.


Adding an LDAP User

To add an LDAP user, you need to first configure the connection to an LDAP server. For more information, see Getting Started with LDAP Federation.

Adding an SSO User

Method 1:

  1. In the EnOS Management Console, click IAM > SSO from the left navigation menu, click Add Identity Provider.

  2. In the pop-up window, fill in the user’s details, and then click OK.

    • Name: The name of the SSO user identity provider.

    • Login URL: The address that SSO users need to access for SSO login.

  3. Contact the operation and maintenance engineer to modify the background configuration file.

Method 2:

  1. Configure the authentication source in Single Sign-On > Authentication Source to log in through https://beta-portal-cn4.eniot.io:8081/iam/api/idp/eniot?destIdp=${Authentication Source Name}.


For more information, seeSingle Sign-On.

Authorizing User

The same steps are used to authorize internal users, external users, LDAP users, and SSO users.

Grant Permission

You can assign permission for a user via the following options:

  • Initial permissions: View organization information

  • Granting policies

  • Assigning user to user groups. This option will enable the user to inherit all the permissions that are assigned to the user groups.


Note

The initial permissions for ordinary users are to log in to EnOS and select the organization without authorization, and by default they have access to basic information about the organization. Contact your organization administrator if you need to view basic information about your organization.

To grant policies:

  1. In the Policies tab, click Assign Policies.

  2. In the pop-up window, select the policies to assign to this user and click Save.

  3. Click Save to create the user.


To add a user to groups:

  1. In the Add User to Group tab, click Add to User Group.

  2. In the pop-up window, select the user group to be assigned to this user and click Save.

  3. Click Save to create the user.

Batch Create and Authorize Internal Users

  1. In the EnOS Management Console, click IAM > User from the left navigation menu.

  2. In the Internal User tab, click Import User.

  3. As per the interface instructions, download and Import Template, and fill in the local template file with the new User Name, Send Password Method, Mobile Number, Email, as well as the optional information such as Policy and User Group.

    ../../../../_images/import_user_template.png

    Download to the local template:

    • User Name: The user name.

    • Send Password Method: Mobile or Email, the user password will be automatically generated by the system and sent to the user through the selected method.

    • Mobile Number: If you choose Send Password Method by Mobile, this is required. The format of the phone number is: country code - phone number, e.g. 65-XXXXXXXX.

    • Email: If you choose to send your password as Email, this is required.

    • Policy: Optional. Fill in the permission policy that has been granted for the user, that is, the name of the authority, for example, Administrator / EAP administrator / custom authority.

    • User Group: Optional. Fill in the user group name for the user.

  4. Click Upload.

    Note

    You can assign policies and user groups to the users via the template or assign them after importing.

Deleting an Internal User

When you delete an internal user, this user account is completely removed from the EnOS Cloud.

  1. In the EnOS Management Console, click IAM > User from the left navigation menu.

  2. In the Internal User tab, click the img1 of the user to be deleted.

  3. In the pop-up window, click Confirm to delete this user account.

Removing an External User

Note

When you remove an external user, this user is removed only from the current organization. The user still exists in its root organization and other organizations that the user is imported into.

  1. In the EnOS Management Console, click IAM > User from the left navigation menu.

  2. In the External User tab, click the img1 of the user to be deleted.

  3. In the pop-up window, click Confirm to remove this user.

Resetting Password

  1. In the EnOS Management Console, click IAM > User from the left navigation menu.

  2. In the Internal User tab, click the img2 of the user to reset password for.

  3. In the Edit User Information page, click the Reset icon next to the password field. The system will generate a new password which will be shown next to the Reset icon.

  4. Store this password and click Save.