Users¶
Command Center provides role-based user management functionality. Granular per-activity user roles can be defined and assigned to Command Center user accounts.
To create and configure Command Center roles, see Roles.
Viewing Users¶
At the top right of the Command Center window, click the cog wheel icon.
In the dropdown menu that displays, select Users.
The Users view displays the Users grid:
Column
Description
User
The user’s username.
Roles
Link to the user’s associated role.
Domain
Indicates whether the user is local or imported from an external directory:
local: User created in Command Center
<domain name>: The domain name of the external directory from which the user was imported.
Admin
Indicator whether the user is an admin user.
Enabled
Indicator whether the user is enabled or disabled.
Dual Factor
Indicator whether dual factor authentication sign-on is required for the user.
Actions
Dropdown menu of configuration actions for a user’s settings:
Edit
Enable/Disable
Delete
Creating a local user¶
To create a new local Command Center user:
At the top right of the Command Center window, click the cog wheel icon.
In the dropdown menu that displays, select Users.
In the Users screen, click Create new user.
In the Create User dialog, configure the new user:
Email:
The user’s email address. This is also the user’s Command Center user ID and sign-on name.
First name:
The user’s first name.
Last name:
The user’s last name.
Admin:
Mark the checkbox if the user is an admin user with admin privileges.
Roles:
Mark the checkbox for each role with which the user should be associated.
Note
This setting is not relevant for users marked as Admin, as they have full system-wide access privileges.
Click Create to confirm creation of the user with the configured settings.
The new user is emailed Command Center sign-on details and a temporary password for the first sign-on.
Note
On first sign-on, the user is required to change the password.
Editing a local user¶
To edit a local Command Center user:
At the top right of the Command Center window, click the cog wheel icon.
In the dropdown menu that displays, select Users.
In the Users screen, locate the user to edit, open the user’s Actions dropdown menu and select Edit.
In the user’s Settings screen, edit the user configuration:
Basic Details
Email:
The user’s email address. This is also the user’s Command Center user ID and sign-on name.
First name:
The user’s first name.
Last name:
The user’s last name.
Admin:
Mark the checkbox if the user is an admin user with admin privileges, or unmark it to remove admin privileges.
Note
If a user is changed to an admin user, the Roles associations are removed for this user, as admin users have full system-wide access privileges.
If the user was an admin user and the checkbox is changed to unmarked to remove admin privileges, the user should be assigned relevant Roles separately, after the Basic Details are updated.
To apply these changes, click Update at the end of the Basic Details section.
Reset Password
To reset the user’s password click Reset.
A Confirm Password Reset dialog opens, notifying that resetting the user’s password will also regenerate the user’s API Key for REST API requests.
To confirm resetting the user’s password, click Confirm.
The user is emailed a temporary password for the next sign-on, that must be changed after sign-on.
Disable/Enable
To enable or disable the user, click the Enable or Disable toggle.
The user’s updated enabled or disabled state displays.
Roles:
Mark the checkbox for each role with which the user should be associated.
To confirm the updated role assignments, click click Update at the end of the Roles section.
Note
This setting is not relevant for users marked as Admin, as they have full system-wide access privileges.
Enabling or Disabling a local user¶
All user attributes remain intact when a user is disabled, except for the ability to access Command Center.
When enabling or disabling an imported user, only the local Command Center user’s ability to access the system changes, and the external Active Directory user is not impacted.
There are two ways to enable or disable a local user:
Enable or Disable a user by using the Actions menu:
At the top right of the Command Center window, click the cog wheel icon.
In the dropdown menu that displays, select Users.
In the Users screen, locate the user to enable or disable, open the user’s Actions dropdown menu and select the Enable or Disable toggle, depending on the user’s current state.
The user’s Enabled column indicator displays the updated state.
Enable or Disable a user in the Edit screen:
At the top right of the Command Center window, click the cog wheel icon.
In the dropdown menu that displays, select Users.
In the Users screen, locate the user to enable or disable, open the user’s Actions dropdown menu and select Edit.
In the user’s Settings screen, in the Disable/Enable section, click the Enable or Disable toggle.
The user’s updated enabled or disabled state displays.
Deleting a local user¶
Deleting a local user removes the user and its attributes from Command Center.
When deleting an imported user, only the local Command Center user’s is removed, and the external Active Directory user is not impacted.
At the top right of the Command Center window, click the cog wheel icon.
In the dropdown menu that displays, select Users.
In the Users screen, locate the user to delete, open the user’s Actions dropdown menu and select Delete.
In the deletion confirmation dialog that displays, click Confirm to proceed with the deletion.
The user’s entry is removed from the grid on the Users screen.
Importing users from an external directory¶
To import users from an external directory service, a connection to the service must be defined.
Viewing directory service connections¶
At the top right of the Command Center window, click the gear icon.
In the dropdown menu that displays, select Remote Authentication.
The Remote Authentication screen displays the directory service connections.
Parameter
Description
Type
Directory type (currently AD LDAP is supported)
Domain
FQDN for the Domain
Alias
Short name for the domain
Port
LDAP service port
Base DN
DN for user search (format: CN=x,DN=y)
DNS
IP of the Domain DNS server
SSL
Whether to use SSL encrypted communication to the DC
Defining a directory service connection¶
At the top right of the Command Center window, click the gear icon.
In the dropdown menu that displays, select Remote Authentication.
In the Remote Authentication screen, click Add Authentication Server.
Configure the new directory service connection:
Parameter
Description
Type
Directory type (currently AD LDAP is supported)
Domain
FQDN for the Domain
Alias
Short name for the domain
Port
LDAP service port
Base DN
DN for user search (format: CN=x,DN=y)
DNS IP #1
IP of the Domain DNS server
DNS IP #2
Alternate DNS IP
SSL
Whether to use SSL encrypted communication to the DC
Click Save.
Important
Command Center uses the LDAP or LDAPS protocol to integrate with Microsoft Active Directory.
LDAP connectivity occurs via port 389/TCP.
LDAPS connectivity occurs via port 636/TCP.
Importing domain users¶
At the top right of the Command Center window, click the cog wheel icon.
In the dropdown menu that displays, select Users.
In the Users screen, click Import directory users.
In the Import Directory Users dialog, enter the domain and its sign-on credentials:
Domain: Select the domain from the dropdown list.
Directory username
Directory password
Click Step 2: Select users.
In the dialog listing the domain’s users, select the users that will be granted Command Center access.
In the same way as during creation of a local user, each imported user can be assigned roles that define their specific privileges.
To confirm importing the selected domain users, click Import Users.
The imported users are added to the Command Center users list.
The Users screen’s Domain column indicates the type of user:
local: User created in Command Center
<domain name>: The domain name of the external directory from which the user was imported.