立即与支持人员聊天
与支持团队交流

Active Roles 8.2.1 - Web Interface Configuration Guide

Introduction to the Web Interface Deploying the Web Interface Getting started with the Web Interface Web Interface Basics Performing Management Tasks Using Approval Workflow Customizing the Web Interface
About Web Interface customization Web Interface customization terms Configuring Web Interface menus Configuring Web Interface forms Web Interface customization examples Web Interface global settings Customizing the Web Interface Navigation bar Customizing the Web Interface Home page Configuring Web Interface for enhanced security
Default Commands

Managing Active Directory objects

The Directory Management section of the Web Interface allows you to browse for, and administer, directory objects in your organization. You can navigate through containers in the directory; view, filter and select objects held in the container; and apply commands to the selected object or container.

Whether you can perform a certain management task depends upon permissions granted to your user account, and the Web Interface customization settings.

A general procedure for performing a Directory Management task is as follows.

To perform a management task

  1. On the Navigation bar, click Directory Management.

  2. On the Views tab in the Browse pane, click one of the following:

    • To manage objects in Active Directory containers, such as domains or organizational units, click Active Directory. This displays a list of Active Directory domains.

    • To manage directory objects in a certain Managed Unit, click Managed Units. This displays a list of Managed Units.

  3. In the list of objects, do one of the following:

    • To navigate to a container, such as an organizational unit, click the name of that container.

    • To perform a command that applies to the current container, click that command in the Command pane under the name of the current container.

    • To perform a command on a particular object held in the current container, select the check box next to the name of that object, and then click the command in the top area of the Command pane, under the name of the object.

    • To perform a command on two or more objects at a time, select the check box next to the name of each object, and then click the command in the top area of the Command pane.

    NOTE: In the list of objects, clicking the name of a leaf object such as a user or group, displays a page where you can view or modify object properties; clicking a container object such as a domain or an organizational unit, displays a list of objects held in that container.

When you perform a management tasks, the Web Interface supplements and restricts your input based on policies and permissions defined in Active Roles. The Web Interface displays the data generated by policies, and prevents the input of data that would cause policy violations. The following rules apply:

  • If a policy requires that a value be specified for a particular property, the name of the field for that property is marked with an asterisk (*).

  • If a policy imposes any restrictions on a property, an information icon is displayed next to the name of the field for that property. Click the icon to view policy information, which you can use to enter an acceptable value.

  • When you specify a property value that violates a policy, and click Save, the Web Interface displays an error message. Review the error message and correct your input.

  • Pages for object creation must include the entries for all required properties. Otherwise, the Web Interface fails to create the object. For information on how to configure forms, see Configuring Web Interface forms.

  • Object property pages display the values of the properties for which you have the Read permission. You can modify only those properties for which you have the Write permission. The properties for which you only have the Read permission are displayed as read-only.

  • The Command pane includes only the commands that you are permitted to use.

  • The list of objects includes only the objects that you are permitted to view.

Batch operations

In the Web Interface, you can select multiple objects (such as users, groups and computers), then apply a certain command to your selection of objects. This allows you to perform a batch operation on all the selected objects at a time instead of running the command on each object separately. The Web Interface supports the following batch operations:

  • Delete: Allows you to delete multiple objects at a time.

  • Deprovision: Allows you to deprovision multiple users or groups at a time.

  • Move: Allows you to move a batch of objects to a different organizational unit or container.

  • Add to groups: Allows you to add a batch of objects to one or more groups of your choice.

  • Update object attributes: Allows you to perform bulk attributes operations on multiple users at a time.

  • Reset Password: Allows you to reset the password for multiple users at a time.

Batch operations are available in the list of objects on the following Web Interface pages:

  • Search: This page lists the search results when you perform a search.

  • View Contents: This page displays the objects held in a given Organizational Unit, Managed Unit, or container.

To perform a batch operation, select the check box next to the name of each of the desired objects in the list, then click a command in the top area of the Command pane. This runs the command on each object within your selection.

NOTE: Active Roles administrators can customize Web Interface by adding and removing commands, and modifying pages associated with commands. For more information, see Customizing the Web Interface.

Example 1: Enabling a user account

This topic demonstrates how to enable a blocked user account by using the Web Interface.

To enable a blocked user account

  1. Locate the user account you want to enable. For instructions on how to locate objects in the Web Interface, see Locating directory objects.

  2. In the list of objects, select the user account you want to enable.

  3. In the Command pane, click Enable Account.

NOTE: If the user account is not blocked, the Command pane includes the Disable Account command instead of the Enable Account command.

Example 2: Adding a user to a group

This demonstrates how to add a user account to a group by using the Web Interface.

To add a user account to a group

  1. In the Web Interface locate and select the user account. For instructions on how to locate objects in the Web Interface, see Locating directory objects.

  2. In the Command pane, click Member Of.

  3. On the Member Of page that appears, click Add.

  4. On the Select Object page that appears, perform a search to locate the group. For instructions on how to configure and start a search, see Searching for directory objects.

  5. In the list of search results on the Select Object page, select the group to which you want to add the selected user account, then click Add.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级