Login accounts
A login account authenticates a user as legitimate Console and Management Portal user. You can configure login accounts in the Console.
Two types of authentication are available:
- Ivanti Automation authentication is an efficient way to provide access to a group of people with the same level of access: simply create a single login account, assign a relevant administrative role to it and provide all legitimate Console users with the relevant login information.
- Microsoft Windows authentication allows users to access the Console and Management Portal with their Microsoft Windows account and does not require additional authentication. If users also need access to the Console and Management Portal when not logged on with their Microsoft Windows account, use Ivanti Automation authentication instead.
You can use login accounts using Ivanti Automation Authentication and Microsoft Windows Authentication alongside each other in the same Ivanti Automation environment.
Guidelines
- It is best practice to configure login accounts before you configure administrative roles.
- The Console and the Management Portal are secured if at least one login account exists that is assigned to at least one administrative role. Login accounts that are not assigned to an administrative role do not have access to the Console and the Management Portal.
- To avoid accidental lockout of the Console, the first login account that you create is automatically assigned to the Full Access administrative role.
- If you delete the last login account that is assigned to the default administrative role Full Access, anyone will have full access to the Console and the Management Portal.
Password Security
For login accounts with Ivanti Automation authentication, the global Password Security Policy as configured in the Console applies. When a user enters the wrong password and the number of attempts has exceeded, the account is locked out. In the Console, the administrator can unlock the locked account.