Editing Active Directory and LDAP users

You can edit the user type, security, and license information for Active Directory (AD) and LDAP users. You can also remove the user association with the AD/LDAP server.

Tip:  You can also use the Quick Edit menu to change users to customers or vice versa, enable or disable single sign-on, inactivate or activate users, unlock users, change the LDAP server association, and update fields for multiple users at the same time.

1. Click Global Users.

The Global Users dialog box opens.

2. Select a user and click Edit.

The Edit User dialog box opens.

3. Make any changes to the information.

You cannot edit most information on the Info category and any information in the Address or Photo categories for LDAP users.

Tab Use to:
Info Change the user type. You cannot edit phone numbers, email addresses, or passwords for LDAP users.
Authentication Set options for external authentication. See Setting authentication methods and passwords for users. To add an API key for the user or manage existing keys, click Manage API Keys. API keys are used to authenticate the user with the Helix ALM REST API. See Managing API keys.
Security Select license server security permissions for the user. See Controlling Helix ALM License Server Admin Utility access.
Licenses Assign licenses to the user. See Managing licenses and Assigning licenses.
Address View the user's company, division, department, and address information imported from Active Directory or LDAP.
Notes Enter any notes about the user.
Photo View the user's photo imported from Active Directory or LDAP. Photos are only displayed in products that support them. Only available if the User Photo field is mapped to an LDAP photo attribute in the server settings. To remove the photo, unmap the User Photo field. See Mapping Active Directory and LDAP attributes.

4. Select Allow user to authenticate using single sign-on to enable single sign-on.

Single sign-on allows users to log in to Helix ALM products using their network credentials. This option is only available for AD users and if single sign-on is enabled for the AD server. See Configuring Active Directory and LDAP servers and Enabling single sign-on for users.

If single sign-on is required for all users associated with the AD server, the User is required to authenticate with single sign-on option is selected by default and cannot be changed.

5. Click Remove LDAP Association to change the user to a global non-LDAP user.

Note:  If you remove the LDAP association by mistake, click Set LDAP Association to reset it before saving the changes. See Associating users with an Active Directory or LDAP server.

6. Click OK to save the changes.