Support

Support for business applications

Kaspersky SD-WAN

Managing users and their access permissions

Managing users

Creating a user

Kaspersky SD-WAN
Нет результатов
Online Help
FAQ Forum Contact support Recovery tools

Creating a user

April 17, 2024

ID 268261

Save as PDF

You can create local and LDAP users. Credentials of local users are stored in the orchestrator database. LDAP user credentials are stored on the remote server. If you want LDAP users to be able to log in to the orchestrator web interface using their credentials, you must first create an LDAP connection that the orchestrator uses to connect to the remote server, and then create your LDAP users or LDAP user groups.

To create a user:

  1. In the menu, go to the Users section.

    The user management page is displayed. The Users tab, which is selected by default, displays the table of users.

  2. Click + User.
  3. In the displayed settings area, in the Source drop-down list, select the user type:
    • Local (default) If this value is selected in the Password and Password confirmation fields, enter the password of the user. The password must contain at least one uppercase character (A–Z), one lowercase character (a–z), a numeral, and a special character. Password length: 8 to 50 characters. To see the entered password, you can click the show icon .
    • LDAP
  4. In the Username field, enter the user name of the user. The remote server user name is specified in the user@domain or domain\user format.
  5. In the Role drop-down list, select the role of the user:
    • Administrator
    • Tenant
  6. If you want to enable two-factor authentication for the user, select the Two-step authentication check box. This check box is cleared by default. The user must complete two-factor authentication the next time the user logs in to the orchestrator web interface.

    You cannot enable two-factor authentication for an individual user if two-factor authentication is disabled for all users.

  7. If you want to assign an access permission to a user, in the Permissions drop-down list, select the previously created access permission. By default, the user gets the Full access permission, which grants full access to the orchestrator web interface.
  8. If you want to create a confirmation request every time the user performs an action, select the Request confirmation is required check box. By default, the check box is cleared and the user can perform actions without confirmation.
  9. In the First name field, enter the first name of the employee.
  10. In the Last name field, enter the last name of the employee.
  11. If necessary, enter additional information about the user:
    1. In the Email field, enter the email address.
    2. In the Description field, enter a brief description of the user.
  12. Click Create.

The user is created and displayed in the table. By default, the user is blocked.

You must unblock the user to grant that user access to the orchestrator web interface.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.