4.4.2 Managed account management

When Profile > Account Management > Managed account management is selected, the following managed account management list page is brought up:
images/plugins/servlet/confluence/placeholder/unknown-attachment.png
worddave3c7c281434a41f13cbfb15772a70dfc.png
<Managed account list>
A list of accounts that the user can manage is displayed in managed account management. The items in the list are described below.

  • Checkbox: When the checkbox is selected, and the "Password" button is clicked, a page where the password for the account can be changed is brought up. Items where a checkbox is not shown are systems where the password is synced to be identical to the IM password.

  • Resource: Displays the name of the system of the managed account

  • Account: Displays the managed account name When the account name is selected, the View account details screen is brought up.

  • Status: Displays the status of the managed account. The following are the types of account:

  • Active: The account is enabled and can be used

  • Inactive: The account is disabled and cannot be used

  • Disabled-Initial standby: The account has not been enabled after creation. When the password is changed, the account becomes enabled.

  • Disabled-Password expired: The account has been disabled because the password usage period has expired.

  • Editor/date&time: Shows the user who changed the account info and the date & time of change

Change managed account password
When the account whose password will be changed is selected from the managed accounts list, and the "Password" button is clicked, the change account password screen is brought up.
images/download/attachments/1089334/worddavd657d845f126d0e89358f8d62aca1eff.png
<Change managed account password>
Enter the password to be changed in the respective password fields and click the "Save" button to change the password. Here, to change the passwords of all accounts to the same password, select "Change all". When a password is entered in the change all item, the password for all accounts shown can be changed to the same password.

  • <View managed account details>

When the account name is selected from the managed accounts list, the following view account details screen is brought up:
images/download/attachments/1089334/worddavffe127f242697508596bca2a01bdd2de.png
<Managed account details>
The items on the view account details screen are described below.

  • Account: Displays the account name

  • Resource: Displays the system name

  • Account status: Displays the status of the account

  • Date & time of last use: Displays the date & time the account was last used. This is displayed only when the data is synced in access control.

  • Request possibility: Indicates whether an account can be requested

  • Password changed by: Displays info on the last user to change the password

  • Password change policy: Shows the password change policy of the account

  • Automatic: Admins and individual users can change passwords, but the password can be changed automatically using scheduled tasks.

  • Edit: Only admins or individual users can change passwords.

  • Password change date & time: Displays the date & time of password change

  • Description: Displays the account description

Descriptions for additional account info will be omitted, since additional info varies for OS/DBMS/Network tool.
The buttons on the view managed account details screen are described below.

  • List: Brings up the managed account list screen

  • Refresh: Refreshes detailed managed account info

  • Edit: Brings up the edit managed account page

  • Password: Brings up a page where the managed account password can be changed

  • Inactive: Disables a managed account

  • Active: Enables a managed account

  • Grant and delete managed account role

When the Authority tab is selected on the view managed account details page, the authorities owned by the managed account can be viewed, and authorities can be added or deleted for the managed account.
images/download/attachments/1089334/worddav29de311f392ae3394fdbbc8b25e74dbb.png
<Managed account authority>
When the "Add" button is clicked, a list of roles that can be granted to the managed account pops up as shown below.
images/download/attachments/1089334/worddavfba8457ca9f28813aae56d6eeff2fda8.png
<Grant managed account role popup>
When the roles to be granted to the managed account are selected, and the "Add" button is clicked followed by the "OK" button, the role is granted to the managed account. To delete managed account authorities that have already been granted, select the role to be deleted from the authorities list and press the "Revoke" button to revoke the selected roles.
The items in the list of authorities are described below.

  • Checkbox: Select the role to be revoked and click the "Revoke" button to revoke the authority.

  • Role name: Displays the role name

  • Role code: Displays the role code

  • Requester: Displays info on the users who requested and granted the role

  • Request date: Displays the time & date when a role is requested and granted.

Edit managed account
When the "Edit" button is clicked on the view managed account details page, a screen for editing managed account info is brought up.
images/download/attachments/1089334/worddavdb752ea90d945861a4c29c03b80a5ca0.png
<Edit OS system managed account screen>
When editing managed account info, the info that can be edited varies for OS, DBMS, and Network tool accounts. The screen above is the edit screen for an OS AIX managed account.
Enter the attribute info to be edited and press the "Save" button to change the info of the managed account.