Getting Started with Identity Broker

This is not the latest version of Identity Director documentation.
View available documentation.

Manage access to the Management Portal

On the Settings page, you can manage access to the Management Portal.

The local administrator account is a default account (admin) with a hard-coded password (unsecured). We recommend that you disable this after you have added at least one Group with Management Portal Access, and you are logged into the Management Portal with an account that is a member of that group.

• You can add Groups with Management Portal Access by entering the Active Directory Group name in the <Domain>\<GroupName> format.
  Example: MYCOMPANY\IB Admins
  Built-in administrator groups should not be used directly, as Windows may not allow these groups to be resolved in all scenarios.
  Example

  • Built-in group MYCOMPANY\Administrators should not be used.
  • Built-in group MYCOMPANY\Administrators can be made a member of MYCOMPANY\IB Admins from the example above.

  Because Identity Broker has no direct connection to Active Directory, groups cannot be validated when you add them.

• You can Remove groups as long as you are a member of at least one of the remaining groups.
  Example

  • Configured Groups with Management Portal Access:
    • MYCOMPANY\IB Admins
    • MYCOMPANY\IT
    • MYCOMPANY\Support
  • You are a member of MYCOMPANY\IT and MYCOMPANY\Support.

  In this example:

  • you can remove MYCOMPANY\IB Admins and MYCOMPANY\IT, because you are a member of MYCOMPANY\Support.
  • you can remove MYCOMPANY\IB Admins and MYCOMPANY\Support, because you are a member of MYCOMPANY\IT.
  • you cannot remove MYCOMPANY\IT and MYCOMPANY\Support, because you are not a member of MYCOMPANY\IB Admins.

See also

• Configure Identity Providers
• Configure Identity Consumers
• Resulting behavior if configured correctly