In the Management Portal at Setup > Administrative Roles, prevent unauthorized access to the Management Portal and Setup and Sync Tool.
If you accidentally locked yourself out from the Setup and Sync Tool and Management Portal (e.g. because you forgot your password or you configured an administrative role incorrectly), you can solve this by running a database query that disables all login accounts (Microsoft SQL Server-based Datastores only).
This solution disables ALL login accounts. This means that the Setup and Sync Tool and Management Portal are no longer secured and anyone with an Active Directory account has Full Access.
Perform the following query on the database that holds the Identity Director Datastore (replace DATABASE-NAME with the name of your database).
Optionally, add the following to the query, to show the data involved:
When you have gained access again, you can manually enable the login accounts again in the Management Portal at Setup > Administrative Roles.