UPSSO ADMINISTRATION – USER AND ROLE MANAGEMENT

This document explains the user and role management options provided by the UPSSO application.

TYPES OF USERS

UPSSO can have the following two types of users,

  • LDAP User
  • UPSSO User

LDAP USER

An LDAP user record will be automatically created/updated in the UPSSO application whenever an LDAP user successfully signed in into the portal or via RADIUS authentication request. An LDAP user’s password will not be stored in the UPSSO application as he/she will be always authenticated against the LDAP server.

The SOURCE of LDAP users will be always “LDAP” as shown in the example below,

Please visit, LDAP INTEGRATION AND CONFIGURATION for more information on LDAP

UPSSO USER

A UPSSO user can be created/updated by the administrator using UI and stored in the UPSSO database.

HOW TO CREATE AN UPSSO USER

  1. Login into the UPSSO portal as an administrator.
  2. Click on the “Users” from the left side navigation menu.
  3. Click on the “Add User” Plus button as highlighted below,

4. Enter the user details as described below,

E-Mail: Unique Email ID of the user

Mobile Number: Unique mobile number of the user

Username: Unique username of the user to login to the UPSSO application.

Firstname: FIrst name of the user

Lastname: Last name of the user

2-Factor Auth Method: The created user will receive the OTP messages using this selected method.

Select Role: Select a Role for the user. (We will discuss the Roles in the following sections)

Source: The source should be “UPSSO” (Note: If the Source is “LDAP” then the user will be treated as an LDAP user and he/she will be always authenticated against the LDAP server. The system will not send an invitation email to the LDAP user as the password is not maintained by UPSSO)

Is Admin: Select this checkbox if you want to create this user as a UPSSO administrator.

Please look at the following screenshot for reference,

5. Click on the “SAVE” button.

6. The system will send an invitation email to the user-created with username & password as below,

7. Upon receiving the email the user can log in into the UPSSO portal.

CREATING UPSSO ROLE

A UPSSO Role can be created to control access to the applications and devices for certain users. A user will be only allowed to access the applications and devices associated with his role.

Here are the steps to create a role,

  1. Login to the UPSSO portal as an administrator.
  2. Click on the “Roles” from the left side navigation menu.
  3. Click on the “Add New Role” Plus button.
  4. Enter a unique “Role Name” (Example: IT ADMIN GROUP)
  5. Enter a description (Example: IT Administrator group)

6. Click on the “SAVE” button

ASSIGNING APPLICATIONS TO ROLE

Here are the steps to assign the applications to the role.

  1. Login to the UPSSO portal as an administrator.
  2. Click on the “Roles” from the left side navigation menu.
  3. Search for your Role.
  4. Click on the “ASSIGN APPLICATIONS” button as shown below.

5. Move the required applications from left to right

6. Click on the “SAVE” button

ASSIGNING DEVICES TO ROLE

Here are the steps to assign the devices to the role.

  1. Login to the UPSSO portal as an administrator.
  2. Click on the “Roles” from the left side navigation menu.
  3. Search for your Role.
  4. Click on the “ASSIGN DEVICES” button as shown below.

5. Move the required devices from right to left,

6. Click on the “SAVE” button.

ASSIGNING ROLE TO THE USER

  1. Login into the UPSSO portal as an administrator.
  2. Click on the “Users” from the left side navigation menu.
  3. Search for your user.
  4. Click on the “EDIT” button as shown below,

5. Select the required role in the “Select Role” combo box as shown below.

6. Click on the “SAVE” button.

DISABLING THE USER

A disabled user cannot log in or access the UPSSO application.

Here are the steps to disable a user,

  1. Login into the UPSSO portal as an administrator.
  2. Click on the “Users” from the left side navigation menu.
  3. Search for your user.
  4. Click on the “INACTIVE” button.

5. Click on the “Yes” button in the confirmation popup.

6. The user will be disabled and can not log in.

RESETTING THE PASSWORD FOR A USER

Suppose if a UPSSO user forgets his/her password, the administrator can send a new invitation. This operation will reset the user’s password and send the updated credentials by mail.

Here are the steps to reset a user password.

  1. Login into the UPSSO portal as an administrator.
  2. Click on the “Users” from the left side navigation menu.
  3. Search for your user.
  4. Click on the “RESET PASSWORD” button.

5. Click on the “Yes” button in the confirmation popup.

6. The system will send an invitation email with the newly generated password.

DISABLE OTP FOR A USER

UPSSO provides an option to disable/enable OTP for a particular user.

Here’s the steps to disable OTP for a user,

  1. Login into the UPSSO portal as an administrator.
  2. Click on the “Users” from the left side navigation menu.
  3. Search for your user.
  4. Click on the “Inactivate OTP” button.

5. Click on the “Yes” button in the confirmation popup.