Create and manage users
This topic describes how to create and manage users depending on the type of authentication realm.
Internal Security / Internal Storage type users
For Internal Storage type authentication realms, such as the default Internal Security authentication realm, you create users in the Administration > Security section.
When adding a user, the username and password is what the individual uses when logging in to Deployment Automation. The username is also displayed when setting up additional security.
After you have added the user to a group, you may need to configure additional permissions, for example, when the new user is mapped to a group that has limited permissions.
Include an email ID for the user if you want them to be eligible to receive email notifications. See Configure email notifications.
After LDAP configuration is complete, when new users log in with their LDAP credentials, they are listed in the Authentication Realms pane.
Avoid managing user passwords or removing users from the list. If active users are removed from Deployment Automation, they can still log in to the server if their LDAP credentials are valid.
Single Sign-On users
OpenText SBM solutions, such as Release Control, can use Single Sign-On (SSO) to access Deployment Automation functionality.
The users are created in SBM. When Deployment Automation is accessed the first time from SBM, the corresponding user is automatically created in Deployment Automation.
PKI Certificate users
Users authenticated with PKI Certificate are automatically created with the first login using the associated CA certificate. They are automatically added to an authentication realm of PKI Certificate type.
These users are assigned to a group based on the Default security group set in the system settings. If the default security group is not configured, PKI Certificate users are not assigned to a group. For details, see Change system settings.
Administrators can also add users to the PKI Certificate authentication realm without providing users' client certificates. The administrator assigns the users to groups manually and configures permissions on a user by user basis. When users log in with their certificates, they are identified by their login name, and their data is updated from the properties provided in the certificate, such as username and email ID.
Administrators map certificate properties to user properties when configuring the PKI Certificate authentication realm. See Add a PKI Certificate authentication realm.