Complete the following steps to create a Legacy Administrator:
This process applies if one or more of the following criteria are met:
Note: Legacy Administrators can also be used to access the Administrative UI if the policy store is configured as the source of administrator identities (the default). Once an external administrator store is configured, Legacy Administrator accounts can no longer be used to access the Administrative UI.
Create a Legacy Administrator record to store the Legacy Administrator identity in the policy store.
Follow these steps:
The Legacy Administrators screen appears.
The Create Legacy Administrator screen appears.
The Create Legacy Administrator screen appears.
Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.
Consider entering a unique ID that adheres to your corporate standards. Adhering to your corporate standards does the following:
The value appears as the display name when a user logs in to the Administrative UI. The display name identifies who is logged in.
Example: If you enter Joe Smith, the Administrative UI display name appears as the following:
Logged in as Joe Smith.
The administrator record is created.
Note: You delegate privileges to the Administrative UI after creating the Legacy Administrator.
An administrator has access to all policy domains in the Policy Management API. If you select System, a Task section appears.
An administrator has access to a specific subset of policy domains in the Policy Management API. If you select Domain, the Tasks and Scope section appears. The Tasks section lists the administrative tasks that can be performed. The Scope section lists the available domains that can be managed.
Note: The Scope section on the Create Legacy Administrator screen is not related to Administrator account scoping using workspaces.
– Manage Domain Objects
– Manage Users
– Manage Password Policies
You have created a Legacy Administrator.
Note: An Administrator account, associated with the Legacy Administrator record in the policy store, is also created to provide Administrative UI access.
When a Legacy Administrator is created, an Administrator account associated with the same record in the policy store is also generated. This Administrator account is configured with Administrative UI access privileges that correspond to the settings specified for the Legacy Administrator.
Changes to the Legacy Administrator settings that affect access privileges are automatically propagated to the associated Administrator account.
You can also directly modify the associated Administrator settings to take advantage of the fine-grained Administrative UI access privileges available to Administrator accounts.
Note: Changes to the associated Administrator account settings are not propagated back to the Legacy Administrator. Additionally, once changes are made to the associated Administrator, changes to the Legacy Administrator are no longer propagated to the Administrator account.
Copyright © 2013 CA.
All rights reserved.
|
|