...

• The Identity Service Type determines if user accounts are managed from JOC Cockpit or from the Identity Provider, for example from an LDAP Server.
  • The JS7 - JOC Identity Service offers to manage provides management of user accounts.
  • The JS7 - HashiCorp® Vault Identity Service offers to manage provides management of user accounts if the VAULT-JOC-ACTIVE Identity Service Type is used.
• Operations to manage for managing user accounts include to:
  • add a user account by assigning a name, password and roles,
  • modify a user account by modifying the name, password or role assignments,
  • delete a user account,
  • enable/disable a user account,
  • force password change for the next login of the user account,
  • reset password for the user account.
    • An initial password is applied that can be configured from JS7 - Identity Services, chapter: Global Settings.
    • The default value for the initial password is: initial
  • assign roles to the user account.
• Bulk operations are available to apply for applying changes to a number of user accounts.

Navigation

The functionality to manage user accounts function is available from Identity Services that offer this option.

...

To select the JOC Identity Service users click the name JOC. This brings up the following sub-view to manage for managing accounts when selecting the Accounts sub-view:

...

• The required sequence of tasks is to first create roles that are assigned permissions and then to add user accounts, see as described in the JS7 - Manage Roles and Permissions article.
• Using the Add Account button brings forward the following popup window:
  
  

...

• The name of the user account has to be added.
• A password can be specified and has to be repeated.
  • If a password is specified then it's hashed value is stored to in the JS7 - Database.
  • If no password is specified then the initial password is applied:
    • The initial password can be configured from JS7 - Identity Services, chapter: Global Settings.
    • The default value for the initial password is: initial

...

Explanation:

• The popup window allows to modify modification of the account name, password, role assignment etc.
• For the handling of passwords see Add User Account.
• Checkboxes to Force Password Change and to Disable the user account correspond the operations explained below.

Anchor
delete_user_account delete_user_account

Delete User Account

The operation to delete a user account operation is available from the account's action menu like this:

...

Anchor
enable_disable_user_account enable_disable_user_account

Enable/Disable User Account

The operation to disable a user account operation is available from the account's action menu like this:

...

If a user account is disabled then its action menu offers provides the option to enable of enabling the account like this:

Anchor
force_password_change force_password_change

Force Password Change

...

• The user account's password is reset to the initial password.
• The initial password can be configured from JS7 - Identity Services, chapter: Global Settings. The default value for the initial password is: initial
• On their next login the user has to change its the password. The initial password cannot be used as the new password during password change.

...