Active Directory Service - User Administration - Metasys - LIT-1201528 - General System Information - Metasys System - 10.1

Security Administrator System Technical Bulletin

Product name
Metasys System
Document type
Technical Bulletin
Document number
Revision date

Use the Metasys Security Administrator System available on the Metasys server or SCT to add existing Active Directory service users to the Metasys system. The Security Administrator System does not create or maintain user accounts in Active Directory service; it merely uses existing Active Directory service user accounts. Active Directory service tools handle any changes to Active Directory service user accounts such as password changes or resets. (For details on adding Active Directory service users, see User Account Rules.)

The system creates a Metasys system audit record whenever you add or remove an Active Directory service user from the Metasys system. Use the Security Administrator system to assign Metasys privileges to Active Directory service users whom you have added to the Metasys system. These privileges include those based on system, category, feature, and property.

You assign and maintain all privileges for Active Directory service users in the same manner as for Metasys local users. Additionally, the UI provides all the same windows, menu options, and tabs that are provided when administering a Metasys local user. However, some UI screens display a combination of Metasys specific data and Active Directory service data, whereas other screens have some options unavailable. For example, the telephone number and email address properties for Active Directory service users are shown but cannot be edited because these are properties under the control of Active Directory service. Such properties are preceded with the dimmed label Active Directory.

Any Standard Access administrator can assign permissions to any Active Directory service user whom you have added to the Metasys system, whereas any Basic Access Administrator may assign permissions to Basic Access type users. You may assign privileges directly to the Active Directory service user or assign the user to a Metasys role. Also, Standard Access Administrators have full control to add, remove, update, and assign permission operations for any Metasys Active Directory service user. Basic Access administrators can add, remove, update properties, and assign permissions to Metasys Active Directory service users who are designated for Basic Access.