Configuring Administrative Users - Identity and Access Management Services - 4.4 - 4.4 - Ready - Other - external

Identity and Access Management Services

Platform
Other
Product
Identity and Access Management Services
Release
4.4
License

After completing the base configuration of the Hyland IdP server, you can override and configure a new list of administrative users for the configured tenant.

Note:

At least one administrative user or one administrative group must be assigned to the tenant to access the Hyland IdP Administration Client. For more information on adding or updating administrative groups, see Configuring Administrative Groups.

Configuration of administrative users can be completed using the Hyland.Identity.Server.Initialization.dll command-line utility. Once the base configuration is completed, the graphical initialization client is inaccessible. Changes to the base configuration must be made using command-line utilities.

This section includes the instructions to use the command-line utility specifically for overriding the list of configured administrative users for a tenant.

To configure administrative users:

  1. Open a Windows command prompt with elevated administrator privileges.
    Tip:

    It is recommended to use Windows PowerShell to run command line operations.

  2. Change to the directory where the Hyland.Identity.Server.Initialization.dll is saved. In a default installation, the DLL is located in C:\Program Files\Hyland\Hyland Identity Provider Server Initialization Utility\.
  3. Type the set-admins command, but do not run it yet:
    dotnet Hyland.Identity.Server.Initialization.dll set-admins
  4. Append the following switches and their values to the set-admins command. Be sure to enclose the values in double quotation marks.

    Switch

    Value

    --config

    The full file path of the idpconfig.json configuration file. In a default installation, the configuration file is located at:

    C:\Program Files\Hyland\identityprovider\idpconfig.json

    --tenant

    The name of the tenant used by the Hyland IdP server. The tenant name must not contain any special characters such as spaces, comma, dot, or slashes.

    Note:

    If your solution uses the Hyland SCIM server, the Tenant Name must match exactly the Name of the datasource configured for the connection string on the Hyland SCIM server. For example, if the SCIM datasource name is MyDBTenant then the tenant Name must also be MyDBTenant.

    --admins

    The user names of those authorized to make configuration changes in the IdP Administration Client.

    User names must be entered as a space-separated list, with user names placed in quotes. For example, if you are entering the user names of manager, John Doe, and user1, they must be entered as "manager" "John Doe" "user1"

    Note:

    The --admins command line switch can be run multiple times to edit the list of administrative users. Every time the command line switch is run, the previous user name entries are replaced with the new user name entries.

    For example, a completed set-admins command may look like this:

    dotnet Hyland.Identity.Server.Initialization.dll set-admins --config "C:\Program Files\Hyland\identityprovider\idpconfig.json" --tenant "MyDBTenant" --admins "manager" "John Doe" "user1"                        
                        
  5. Press the Enter key to run the set-admins command.
    If any errors are reported, they must be corrected and the command run again. The command will return nothing if no errors are encountered.