Copyright

© 2021 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.



Purpose

This document describes how to create a user on HIAB/OUTSCAN.

Introduction

The Manage Users module allows for viewing and editing of all the users that you are allowed to administer in the system. As the main user you can add and manage more users as well as create and assign user roles.

Prerequisites

User Roles need to be created before the user to be available for selection.
See User Roles for more information on how to create roles.

Create a User

To create a user:

  1. Click Main Menu > Settings > Manage User.
  2. In the Manage User Accounts window select User Accounts tab.
    The buttons at the top center of the screen ids used to create, delete, or import users from LDAP/AD.

    CreateUser01

    Note

    The Import from LDAP/AD function is only available on HIAB. See LDAP/AD user guide for more information on setting up and mapping users in LDAP.

  3. Click + New to create a user.
  4. In the Maintaining User Account window, fill in the Account Details and Login Details.

    CreateUser02

    Note

    In the grid on the lower half of Maintaining User Account window, the account access and rights can be further set up in the different tabs. Note that the tabs differs depending on your license. 

    Account Details

    Option

    Description

    Parent Account

    Sets the parent account, could be used to create hierarchy structures.

    First name

    The first name of the user.

    Last name

    The last name of the user.

    Email

    The email address of the user.

    Mobile number

    The mobile number of the user.

    Country

    The country of the user.

    State

    The state of the user (Active if Country is United States).

    Email PGP public key

    Select PGP public key or click the + sign to upload a PGP key.

    • None
    • Unencrypted
    • [uploaded keys]

    Login Details

    Option

    Description

    Authentication
    (HIAB Only)

    Choose if the user credentials should be verified against the local database or the defined LDAP or Active Directory server.

    Username

    Enter a username.

    Password

    Enter a password, or generate a password using the password button. Passwords are generated according to the password policy located in the Security Policy tab under Main Menu > Settings > Account.

    See section Password Policy in Account Settings document for information on how to set password policies.

    Password againConfirm the password by re-typing in this field.

    Require password change on next logon

    If enabled, forces the user to change his/her password the next time they log in to the system.

    2-Factor Authentication

    If enabled, you may set up the mode of authentication from here. Mobile Security Code or Google Authenticator can be used for authentication. The method used for authentication can be limited, depending on the options configured for two factor authentications in the security policy.

    When Google authentication is selected, you will be asked to enter the credential ID which is used to set up the account.

  5. In Account Settings tab you can deactivate an account and set the users notification.

    OptionDescription
    Active

    Activate or deactivate account.

    Super UserA user with Super User enabled will have the same rights as the main account (which is unrestricted).
    Receive System NotificationsWhen Super User is active, the user can receive system notifications, or have it deactivated.
    Allow Enroll HIABAllow the user to enroll HIABs.
    Send Informative Email

    If Send Informative Email is activated, then the system will send an email to the sub user when their account has been changed.

    Escalate tickets toThe Escalate tickets to drop down menu allow you to define who should receive any tickets which has not been resolved prior to its due date (which were assigned to this specific user).
  6. Assign the user with one or more Granted User Roles otherwise the user will not be allowed to perform any actions in the system.
    For more information on how to create user roles, see User Roles.

    CreateUser03

  7. In the Granted Targets tab, you can define which targets and scanners (if enabled) the user should have access to.

    CreateUser04

    • Not all Targets Granted limits the target groups and targets a user can see and administrate. The target list feature should be used sparsely since it create an overhead when it comes to administrative task in the long run. The only time you should use this feature is when you would like to grant access to a whole IP range without having to define all targets within the system.
    • Granted Scanners limits which scanners the user has access to within the system. If All Scanners is selected then the user will also automatically have access to scanners which are added afterwards.
  8. Once the user has been set up, click Save.

Reference