Editing an LDAP user group
You cannot change the type and name of the LDAP user group.
To edit a user group:
- In the menu, go to the Users section.
The user management page is displayed. The Users tab, which is selected by default, displays the table of users.
- Select the Groups tab.
A table of LDAP user groups is displayed.
- Click the LDAP user group that you want to edit.
- In the displayed settings area, in the Role drop-down list, select the role of LDAP users in the group:
- Administrator
- Tenant
- If you want to assign an access permission to an LDAP user group, in the Permissions drop-down list, select the previously created access permission. By default, the LDAP user group gets the Full access permission, which grants full access to the orchestrator web interface.
- Enable or disable two-factor authentication for the LDAP user group by doing one of the following:
- If you want to enable two-factor authentication for the LDAP user group, select the Two-step authentication check box. Users in the LDAP user group must complete two-factor authentication the next time they log in to the orchestrator web interface.
When two-factor authentication is enabled for a group of LDAP users, authenticated LDAP users are displayed in the table of users. You can disable two-factor authentication for an LDAP user by editing the user. If you disable two-factor authentication for an LDAP user group, the LDAP users are no longer displayed in the table of users.
You cannot enable two-factor authentication for an LDAP user group if two-factor authentication is disabled for all users.
- If you want to disable two-factor authentication for an LDAP user group, clear the Two-step authentication check box.
- If you want to enable two-factor authentication for the LDAP user group, select the Two-step authentication check box. Users in the LDAP user group must complete two-factor authentication the next time they log in to the orchestrator web interface.
- Click Save.
The LDAP user group is modified and updated in the table.