Configuring user access – HP Identity Driven Manager Software Series User Manual

3-40

Using Identity Driven Manager
Configuring User Access

Configuring User Access

The process of configuring User access to network resources using IDM is
simplified through IDM’s ability to learn User information from the Active
Directory or RADIUS server, and the use of Access Policy Groups.

If Active Directory synchronization is enabled, IDM creates an Access Policy
Group for each Active Directory group selected in User Directory Settings
preferences and adds the users assigned to the Active Directory group to that
Access Policy Group in IDM. Users are assigned to Access Policy Groups
based on the rules explained in Using Active Directory Synchronization (see
page 2-43)

If you do not use Active Directory synchronization, once you have configured
the Access Policy Groups, you simply assign users to an APG. The next time
the user attempts to log in to the network, IDM uses the rules in the user’s
Access Policy Group to dynamically configure the edge switch to provide the
appropriate access to the network.

Click the

Users

tab on the

Access Policy Group

or

Realm

window to display the

list of users.

Figure 3-29. Users tab

The Users list identifies every defined user and contains the following infor-
mation for each user:

Logged In

Icon indicates whether the user is currently logged in:

User is logged in.

User is logged out.
The icon is greyed out if session accounting is disabled.

Username

Name given to User’s login account. Right-clicking a username
displays a menu of user-related functions.