User Management allows you to enable single sign-on (SSO)
between LiveCycle modules and Netegrity SiteMinder-protected applications
by using Security Assertion Markup Language (SAML). When SSO is
implemented, the LiveCycle user login pages are not required and
are not displayed if the user is already authenticated through the
company portal.
For information about improving the database and directory sync
performance for DB2, see IBM DB2 database: Running commands for regular maintenance.
Configuring User Management for an SSL-enabled LDAP server
Setting user privileges for use with Rights ManagementCreate an administrator user who has the appropriate privileges
for creating users and groups. If your LiveCycle environment includes
Rights Management, grant the privilege to manage invited and local
users to a user who will be the administrator for these users. Also
assign the Administration Console User role to provide the user
with access to Administration Console. (See Creating and configuring roles.)
To view users and groups in selected domains during policy user
searches, a super administrator or policy set administrator must
select and add domains (created in User Management) to the visible
user and group list for each policy set created.
The visible user and group list is visible to the policy set
coordinator and is used to restrict which domains the end user can
browse when choosing users or groups to add to policies. If this
task is not performed, the policy set coordinator will not find
any users or groups to add to the policy. There can be more than
one policy set coordinator for any given policy set.
Note: Creating domains must be done before any policies
can be created.
Set visible users and groupsAfter you install and configure your LiveCycle environment
with Rights Management, set up all appropriate domains in User Management.
In Administration Console, click Services > LiveCycle
Rights Management ES3 > Policies and then click Policy Sets tab.
Select Global Policy Set and then click Visible Users And
Groups tab.
Click Add Domain(s) and add existing domains as required.
Navigate to Services > LiveCycle Rights Management ES3
> Configuration > My Policies and click Visible Users And
Groups tab.
Click Add Domain(s) and add existing domains as required.
Administrator user restrictionsUsers with certain types of administrator privileges cannot access
the Workspace end-user web pages for security reasons. Because these
web pages can exist outside a firewall, permitting administration-level
tasks could pose a security risk. Only users who have the Workspace
Administrator or Workspace User privileges can access the end-user
web pages.
|
|
|