...
Panel | ||
---|---|---|
| ||
This page describes how administrators can control user access to the platform. For details of how manage users, see Manage users for tenant admin or Manage users |
...
Manage users with SSO or directory systems
You can use SAML, Active Directory, LDAP, and OpenID to manage users for Abiquo.
...
For details of how to configure these systems, see Configure authentication and authorization.
...
Suspend or enable a user account
Insert excerpt | ||||||||
---|---|---|---|---|---|---|---|---|
|
...
Manually reset a user password
Insert excerpt | ||||||||
---|---|---|---|---|---|---|---|---|
|
...
Put a user on the notifications list
An enterprise manager user will receive notification emails from the cloud administrators about physical machines and their enterprise's VMs on the platform.
...
To make a user an enterprise manager:
Assign the user a role with the "Define enterprise manager privilege". See Manage Roles. You can edit the user's existing role or assign a new role with this privilege.
...
Restrict user access to the platform by networks
By default, users can access the platform from any network address. To restrict access, when the administrator creates or edits a user, they can allow a set of network addresses.
...
To only allow access from a set of network addresses for a specific user via console and API:
Go to Users → Edit user → Advanced
Enter the Allowed CIDRs to specify the network addresses that the user can access the platform from, using CIDR notation
The user's Allowed CIDRs will have priority over the allowed CIDRs that are inherited from the user's role and/or scope
The inherited CIDRs will only display if the user has no Allowed CIDRs
In the API, you can add a comma delimited list of addresses in CIDR format
...
To restrict access of more than one user at a time, set role and/or scope CIDRs.
...
Screenshot: Create a role with Allowed CIDRs
...
...
Disable access to users view
To prevent administrators from accessing Users view:
Go to Configuration view
Deselect the option to Show Users button on main toolbar
The platform will not display the button, and you cannot edit users until a cloud administrator changes this option.
...
Stop users from editing their account details
By default, users can edit their own account details by going to Main menu → User icon menu → Edit user.
To disable the Edit user option on the User icon menu for cloud users:
Go to Configuration → Security
Deselect the option to Allow user to change their password.
...
Configure access to enterprises
To display the Enterprises list on the left side of Users view, your user role must have the privilege to Manage users of all enterprises. The user can select an enterprise to edit its users. By default, only the Cloud administrator role has this privilege.
...