Creating a user account
July 10, 2024
ID 249489
To create a KSMG user account:
- In the main window of the application web interface, open the management console tree and select the Accounts and roles section.
This opens the user account table on the Accounts tab.
- Click Create account.
This opens the user account creation window.
- In the Type field, select the type of the account:
- Local user
- SSO user
- If you selected the Local user account type, specify the following details:
- In the Login field, enter the login name of your user account.
The login name is case-sensitive. The maximum length of the login name is 128 characters.
- In the Password field, enter the password of the user account.
The password must contain upper and lower case Latin letters (A–z), numerals (0–9), and special characters. The password must be at least 15 characters long.
To see the password you entered, click and hold the icon as long as you need.
- In the Confirm password field, re-enter the password.
Before saving the record, copy the password to give it to the user. You must take steps to ensure the security of the communication channel and password delivery method.
A local account password (including the Administrator account) is valid for one year. When the administrator tries to log in to the application web interface with an expired password, a password change prompt is displayed. A local user is only able to authenticate after changing the password.
After you save the account, the password can no longer be viewed. KSMG only stores the hash of the password, not the password itself.
- If you want the user to change the password after the first authorization in the application, select the User must change password at next logon check box.
- In the Login field, enter the login name of your user account.
- If you selected the SSO user account type, in the Login field, enter the user name of the SSO user. Login name format:
domain\user name
for NTLM authentication oruser@REALM
for Kerberos authentication. The login name is case-sensitive.When entering the value, a suggestion is displayed, listing accounts from the LDAP cache that contain the entered characters.
If no match is found in the LDAP cache, you can enter an arbitrary value.
- In the Role drop-down list, select one or more roles for the user account.
The selected roles are displayed in the row. To remove a role from the list of selected roles, to the right of the role name, click . To clear the list of selected roles, click .
If the role you want is not present in the drop-down list, you can create it by clicking the Create role link in the lower part of the drop-down list and then assigning it to the user.
- In the Description field, enter any explanatory information, such as the reason for the assigned role or the name of the employee for whom the user is created. The maximum length of the text is 512 characters.
- Click Create.
The user account is created and displayed in the table of user accounts on the Accounts tab.