In the Management Portal at Setup > Administrative Roles, prevent unauthorized access to the Management Portal and Setup and Sync Tool.
On the Logins tab, click a login account to configure it and to assign administrative roles. Login accounts can authenticate administrators, based on Active Directory user name or group membership.
|Field||Explanation and Tips|
|Login||Specify the login account.|
Specify which type of authentication should be used:
|Administrative Role||Assign the login account to one or more administrative roles. This determines the administrative permissions of the login account.
View the outcome of all assigned administrative roles.
However, a user may obtain additional permissions at the moment of sign-in, based on his membership of Active Directory groups, which may also be assigned administrative roles.
- You have secured access to the Management Portal and the Setup and Sync Tool, if you configure at least one login account and assign it to at least one administrative role.
- If you delete the last login account that is assigned to the administrative role Full Access, anyone has full access to the Management Portal and the Setup and Sync Tool.
- Login accounts do not require a license: you do not need to link it to a person in Identity Director to have access to the Management Portal and the Setup and Sync Tool.
- You can sign in to the Management Portal with your Windows User Account and with your User Principal Name (UPN). A UPN is the name of a user in an e-mail address-like format. When you sign in, the UPN is matched to a user account in Microsoft Active Directory and the identifier of a person in Identity Director.