View the Users of Aternity

An Administrator of Aternity can access Users/Groups to view, create and edit usernames to access Aternity with varying permissions, depending on their role in the company, to allow a user to view dashboards or perform basic or advanced configuration.

View the list of users defined in Aternity
Important

This is the list of users who can sign in to view Aternity's dashboards and configuration screens. This is NOT the list of end users who signed in to monitored devices.

There are usually several levels of users, each with their own sets of permissions.

  • A standard user can sign in to view any of the dashboards to discover and resolve performance issues in the organization.

  • A Power User of Aternity can view dashboards, but also configure the system, by adding applications to be monitored, creating a test group, or mapping locations in the system.

  • An Administrator of Aternity would typically include all the capabilities of a power user, but also include adding and managing users and their privileges in the system.

For more information on the list of permissions or capabilities (known as Roles in Aternity), see Add Users or Edit a User.

Procedure

  1. Step 1 Open a browser and sign in to Aternity.
  2. Step 2 To view the usernames and groups who have access to sign in to Aternity, select the Gear Icon > Users.
    View the list of users defined in Aternity
    Field Description
    Type

    Displays the type of user or group in this row:

    • Local User is defined entirely inside Aternity, hence their username, password, department, residency and privileges are stored locally inside Aternity.

    • SSO User signs in by securely connecting to a identity provider (IdP) to authenticate the username and password. Enable Aternity SSO with a third party IdP (learn more) or use your Microsoft Active Directory as the IdP (learn more). Then add these SSO users inside Aternity to define their roles and privileges.

      Access your Aternity homepage using SSO
    • SSO Group is Aternity's way of grouping a set of SSO users who all have the same property field and value in the identity provider (IdP). You define the same Aternity privileges for all SSO users who conform to that rule. For example, you can define privileges for a group for all SSO users in the IdP whose memberOf property has the value Engineering.

    • Locked users attempt to sign in with an incorrect password too many times (by default more than five times). You can unlock the user by selecting the row's context menu on the right > Unlock.

    User/Group Name

    Displays the username for accessing Aternity, typically the user's email address, or the name of the group of users, which defines the same privileges for all its users.

    Tip

    If the user's email address changes, you must change the username to reflect the new address, and notify the person to use this new address to sign in to Aternity by resetting their password.

    Department

    Displays the department of the user as entered when you created that user.

    Roles

    Displays the sets of permissions (roles) in Aternity, which are granted for this user or group.

    Tip

    To view a user's roles, you must have at least all the roles of that user. Otherwise it displays No permission to view.

  3. Step 3 To view the usernames and groups who have access to sign in to Aternity, select the Gear Icon > Users.
    View the list of users defined in Aternity
  4. Step 4 To add a new user, select Add New User/Group.

    Learn more

    Add a new user
    Field Description
    Local User

    Select to create a new Aternity user, where you define the details (username, password, residency, roles) locally. Learn more.

    SSO User

    Select to add details of an SSO user who signs in and authenticates via your SSO identity provider (IdP), and then assign their Aternity roles. Learn more

    SSO Group

    Select to create a new group of SSO users who all have the same property field and value defined in the identity provider (IdP). Then you can assign Aternity roles to that group. For example, you can define privileges for a group for all SSO users in the IdP whose memberOf property has the value Engineering. Learn more.

  5. Step 5 To edit the details of an existing user or group, select the row's context menu on the right > Edit.
    Edit the properties of an existing user
    Field Description
    Edit

    (Only for explicitly defined local or SSO users) Select to change details or permissions of that user (learn more).

    Tip

    To edit the privileges of SSO users who entered as part of their SSO group, you must edit the group's permissions.

    Enable / Disable

    Select to determine whether this user can access Aternity.

    Switch Local to SSO User

    (Local users only) Select to convert this user whose credentials are stored locally to an SSO user, who would authenticate with your identity provider.

    After you switch Aternity sends the user an automatic email detailing their new sign in instructions.

    Switch to Local

    (SSO users only) Select to convert this SSO user whose credentials are managed in the IdP to a local user where the credentials are held inside Aternity.

    Switch SSO User to SSO Group(s)

    (SSO) users only) Select to remove this SSO user from the list of individual users, and instead to access Aternity as part of an SSO group, with the roles assigned to that group. You do not manually assign users to SSO groups. Instead, you define an SSO group to contain all the SSO users which have the same property and value defined in your IdP.

    Switch to SSO User

    (Only for SSO users who entered as part of an SSO group) Select to convert this user, whose privileges came from the SSO group, to a named SSO user, where you can define unique privileges separate from that group.

    The resulting privileges are a union of those from the group and those defined specifically for this user.

    View Associated Groups

    (Only for SSO users who entered as part of an SSO group) Select to view the SSO group to which this SSO user belongs. Use this to view the permissions and other participants of the SSO group.

    Reset Password

    (Local users only) If the Aternity username is an email address, Aternity sends an automatic email to the address defined as the username. The mail contains a temporary link to enter a new password.

    For SSO users whose credentials are managed with your SSO identity provider, change the passwords there.

    For locally defined users, a password must be at least 8 characters long, where at least one of them is uppercase (A-Z), one lowercase (a-z), one number (0-9) and one non-alphanumeric (like @, #, $). Aternity encrypts all locally managed passwords.

    Delete

    Select to remove this user from Aternity. Learn more.