To create a SaaS administrator account
As a SaaS administrator, log in to the BMC Helix SSO Admin Console.
Click the Admin User tab.
The list of administrator users is displayed.Click Add Admin User.
On the Add Admin User page, enter the following details:
- Admin User Login—Name of the BMC Helix SSO administrator. The value is case insensitive.
- Password
Confirm Password
Important
The password must correspond to the following requirements:
1. The password length must be between 8 and 128 characters.
2. You can use only ANSCII printable characters, and the password must contain characters from each of the following four categories:
- uppercase letters
- lowercase letters
- numeric characters
- special characters, except for a space characterThe example of the valid password - Ab1%Cd2#.
Click Save.
The SaaS administrator account is now added, and it is available in List of Admin Users.
To create a tenant administrator account
As a SaaS administrator, log in to the BMC Helix SSO Admin Console.
- On the navigation panel, click Tenant.
- From the list of tenants, select a tenant for which you would like to create a tenant administrator user account.
- Click the pin icon to switch to the BMC Helix SSO Admin Console of the selected tenant.
On the navigation panel, click the Admin User tab.
The list of administrator users is displayed.Click Add Admin User.
On the Add Admin User page, enter the following details:
- Admin User Login—Name of the BMC Helix SSO administrator. The value is case insensitive.
- Password
Confirm Password
Important
The password must correspond to the following requirements:
1. The password length must be between 8 and 128 characters.
2. You can use only ANSCII printable characters, and the password must contain characters from each of the following four categories:
- uppercase letters
- lowercase letters
- numeric characters
- special characters, except for a space characterThe example of the valid password - Ab1%Cd2#.
Click Save.
The tenant administrator account is now added, and it is available in List of Admin Users.
User management tasks
Under the Action column on the Admin User tab, you can manage the administrator user accounts by performing the following tasks:
| Task | Description |
|---|---|
| Lock or Unlock Admin User | If a user account has violated any policies, you can temporarily disable this user by locking the account. When you lock an administrator account, the current session of the administrator user does not get invalidated. You must manually invalidate the current session of this user. For information about how to invalidate a user session, see Invalidating and configuring end user sessions. If an administrator exceeds the number of login attempts by trying to log in using an incorrect password, the administrator account is locked automatically if you have configured the automatic lockout feature. You can unlock an administrator user at any time. Note: You cannot lock an administrator account under which you are currently logged in. To lock the account, you must log in to the BMC Helix SSO Admin Console as another administrator user. |
| Edit Admin User | You can change the password of an administrator. The password complexity is the same as for creating a new administrator. Note: You cannot change the login name of an administrator. |
| Delete Admin User | You can delete an administrator account. When you delete an administrator user account, the old sessions of the administrator user account do not get invalidated. You have to manually invalidate the old sessions of that administrator user. Note: You cannot remove an account under which you are currently logged in. To remove the currently logged in user account, log in to the BMC Helix SSO Admin Console as another administrator user, and delete the required account. |
To configure BMC Helix SSO to lock an administrator account automatically
You can configure BMC Helix SSO to automatically lock an administrator account in a case of brute force attack. By default, this feature is enabled.
Log in to the BMC Helix SSO Admin Console.
Click the General tab.
Select Basic > Session Settings.
In the Admin Lockout Threshold field, select a value to set the maximum number of unsuccessful login attempts allowed by BMC Helix SSO within one minute.
If the number of login attempts exceeds the number of attempts that you have set, the administrator account will be locked automatically.
Important
- The default value is 0. The lockout feature is disabled when this value is set to 0.
- The lockout feature applies to internal administrators only.
Click Save.
Overview
Content Tools
Apps
Reporter Replacement
com.bmc.atlassian.bmc-util-plugin-2.section.label
Tasks