This articles provides details on how Nervepoint Access Manager can help you manage your Identities using the Identities and Template page.
Identities
This page provides you with a view on your Identities within the system.
- Logon name: the name used to login with and also used when users log into the 'My Account' page to configure their authentication details
- Directory: the directory that the user belongs to
- Last logon: the last time the identity logged in
- Password Expires: when a users password is to expire. If you have enabled the soon to expire email scheduler then your users will be notified before their password expires
- Password Status: for the given identity the state of their password and if it expires
- Account Status: whether the account is locked or active meaning it can be used
For a more visual look to this data refer to the charts on the Dashboard page.
Managing Multiple Users
As well as selecting individual users, the identities page also allows you to select multiple users, this is useful to view statistics for the selected users or save time performing multiple tasks at once.
First select the users by checking the boxes, once the required users are selected hit the Report button to generate a report for the selected users.
The Selection tab displays detailed information about the selected users. You can also Ignore or Disable these users.
The Profiles Tab shows more detailed information about the state of the users profiles. From here you can send these users an Incomplete profile reminder or Reset their profile.
Filters
This information can be quite large so Nervepoint Access Manager provides a filter at the top of the table allowing you to narrow down which users you wish to look at.
The following actions are available:
- Search: click the search icon
to filter based on the input fields - Reset Filter: click the clear icon
which will remove your filter - Configure Table Options: selecting this icon
will allow configuration of the displayed options shown in the table
Using Search Filters
The Search drop-down filter menu allows you to apply various search filters to the user lists. First select from the Directory selector on the left, from here you can select 'All directories' or an individual directory. Then select the required filter from the 'Search' menu, in the example above we are displaying 'All who have incomplete profiles'. The enables you to quickly and easily target the users and information you are looking for.
Send Incomplete Profile Reminders
For those users that have yet to configure their authentication details you can send email reminders. The best way to do this is to use the Select All option, select the Profiles option and select the Send Incomplete Reminder option. This action is also available from the Dashboard page next to the Incomplete Profiles chart.
This process will identify only those identities with incomplete authentication profiles for example, if QA authentication has been configured for Password Reset, Account Unlock and My Account across all three access points, (web-portal, desktop, mobile) the system will send reminders to only those users that have not yet provided answers to their QA questions - the exact email sent can be configured from the Templates page. If PIN is configured instead of QA authentication, or several authentication modules have been configured for multi-factor authentication across one or all of the self service actions for any access point then a reminder email will be sent to those identities which have not yet have answered these authentication factors.
Schedule Password Expiry Reminders
To help your end users change passwords in time Nervepoint Access Manager can send periodic reminders from the Template page.
By selecting the Password Near Expiry Email template Nervepoint Access Manager makes available the password expiry reminder scheduler which is visible at the bottom of the page.
Simply add the number of days before a password is to expire to send reminders to your userbase automatically across all directories. For example, the default value of 10, 2, 1 will send an email when an Identity's password is to expire 10 days before, 2 days before and the day before.
