13 user and guest access management, User management – H3C Technologies H3C Intelligent Management Center User Manual

982

13 User and guest access management

As intelligent network management software that supports the FCAPS model, IMC manages not only the

devices that join IMC, but also users who access the enterprise network through those devices. IMC

provides user authentication function to prevent unauthorized network access. Moreover, IMC can
control users to access only necessary network resources. To manage users through IMC, first add user

information to IMC. The first part of this chapter describes how to add user information to IMC.
In addition to the internal users, an enterprise or organization usually has temporary, external users.

These users are called "guests." Compared with the internal users, guest users access the network for a

short time, and are assigned restricted network access privileges. To meet these requirements, IMC
provides the guest management functions, which allow network administrators to control guest

permissions and their network behaviors. The second part of this chapter describes how to manage guest

users.
This chapter comprises the following two parts:

•

User management—Describes how to manage users who require long-term access to the enterprise
network, generally including the company employees and administrators of the enterprise network.

•

Guest Access Management (GAM)—Describes how to manage guest users who require short-term
and temporary access to the enterprise network.

User management

The user management module is used to manage users that are connected to the enterprise network and
access the network resources. When no user function module or component is deployed, the User tab

does not appear in the top navigation bar. The User tab appears only when at least one of the following

components is deployed:

•

User Selfservice Management

•

Guest Access Management (GAM)

•

User Access Manager (UAM)

For how to deploy the components, see H3C IMC Deployment Guides.
The operator can manually add users (small number of users) or imports users in batches (a large number

of users) to the user management module. The operator can then modify the basic user information and
maintain user information, or cancel users from the user management module.
The operator can open self-service accounts for users, allowing users to log in to the SOM self-service

platform to perform authorized operations. After UAM is deployed, the operator can apply for access

accounts for users to access network resources.
By default, IMC defines certain properties to identify the personal information and contact method of

users, facilitating user management and maintenance. Operators can also customize additional

properties for users.
IMC operators can modify additional information of users and cancel users in batches to improve
management efficiency.
The user management module provides group-based management that manages operation rights of

self-service accounts on the SOM platform.