ManageEngine® Applications Manager
Applications Manager permits four types of user access to work with the product. The different roles are:
The system users have read only access to all components of the product. You will not have the privilege to access, configure or edit the different components of the product. To delete a user, you should have logged in as default Administrator.
The system operators have read only access to those components of the product that the administrator assigns to the operator. You will not have the privilege to access, configure or edit the different components of the product. If operator is part of a Monitor Group, then the restrictions will take effect only for the operator and not others.
Using the Permissions options, you can allow Operators to manage / unmanage
monitors, reset the status of monitors, edit display names and also to execute actions. Otherwise, the admin user has permission to perform these activities.
Also, permission can be given to Admin or operator to use the Telnet client of the server monitor, if the server was added in Telnet & SSH mode. AS400 Permissions allow you to permit Operators to execute AS400 Admin activities.
This is for Operator only. Using View option, you can define how to represent your subgroup in the webclient.You can either show the associated subgroups directly in the home tab itself or from the corresponding top level Monitor Group.
To enhance Web Client security, Account Policies can be configured. You can define the number of continuous failed login attempts to lock user account and Idle session timeout. You can enforce single user session and strong password rules.
Strong password rules
The system administrators are allowed to perform all admin activities as explained in Performing Admin Activities. You also have the privilege to configure user administration as explained below.
Applications Manager allows the system administrators to configure any activity with ease. To create a new user access, follow the given steps:
In Admin page, click User Administration under Global Configurations. This lists the User Profile(s) that consists of the User name and the role.
To add a new user, click Add new. This opens the 'Configure User' screen.
Specify a unique User name and password. The description and e-mail info are optional.
Choose the role (User/Operator/Administrator).
Click Create User to complete the task.
Note: The default user access of Applications Manager is admin (Administrator). All users log into Applications Manager as Admin users and are given all the administrative privileges to work with the tool.
The Manager has an integrated high-level view of the Business Infrastructure. Service Level Agreements (SLAs) can be created and associated with various business applications and servers. More information on Manager role can be viewed here.
Note: You can assign the owners for the Monitor Groups while creating the Monitor Groups or while editing the existing Monitor Groups
To delete a user
In Admin page, click User Administration under Global Configurations.
Select the user(s) to be deleted.
Setting up of user accounts, passwords, and assigning privileges to different roles manually, while assuring security is a time-consuming task. We require a more convenient method to add a large number of users to Applications Manager.
Active Directory Authentication Module is implemented in order to ease the user administration in Applications Manager. Using Active Directory(AD) authentication module you can import users from Active Directory to Applications Manager. Active Directory authentication enables users to log in to Applications Manager if they have an account in an Active Directory domain.
Users imported from the Active Directory can login into Applications Manager using their Active Directory credentials. This removes the users' burden of remembering yet another username & password for Applications Manager alone.
Since Active Directory authentication is done in the Domain Controller all the account policy regulations of the company/domain is automatically inherited to Applications Manager credentials also.
To import users from Active Directory, use the following steps:
Click on the Admin tab.
Under the Applications Manager Server Settings click User Administration to see a list of User Profiles.
Click the Add New link under the list of user profiles to come to the New User page.
Click on the new tab called Import Users from Active Directory.
You can select an already added domain from the drop-down list or add a new domain. You can also edit the existing Domain controller settings in the same manner.
Select the Add New Domain option from the Domain Name drop-down list.
Enter the following details:
Domain Name: Name of the domain from where the users need to be imported.
Domain Controller: The hostname or the IP address of the DNS server for the domain.
Username: Active directory username of the domain user in DOMAIN\username format
Password: Active directory password of the domain user.
Search Filter: To filter out search result you can use characters followed by * as well as the role criterion in LDAP search filter format. These search filters use one of the following formats <filter>=(<attribute><operator><value>) or (<operator><filter1><filter2>).
For example: "(&(objectCategory=person)(objectClass=user)(!cn=andy))"- All user objects but "andy".
Click on the Fetch Users from AD button to import users from the active directory.
When the list of existing users is displayed select the user(s) to be added, assign roles and click on Add Users to add the users.
In the new Import Users tab from Active Directory pop-up window select the users that you wish to add from the drop-down list.
Assign a role - Operator,User,Administrator or Manager to each of the users.
Click on the Add User button to import the user to Applications Manager or click on Add Users And Configure Another to add more users.
You can edit User Profiles from the list of users.