Users

Administrators can add new users to the server or edit already existing ones in the Users area. However, a user's access rights should be defined in the Database area by clicking Permissions.

The main view of the Users area displays the following columns:

  • Account: Displays the corresponding user account.
  • Authentication: Displays a user's type of authentication on the Enterprise Server (e.g., Standard Authentication or Integrated Windows Authentication).
  • User Principal Name: Displays a user's user principal name in case a user has been added to the server through Microsoft Entra ID (formerly Azure AD) synchronization.
  • AD Logon Name: Displays the AD logon name (SAM account name) of the user.
  • State: Displays if the corresponding user account is enabled or deactivated and if the user is currently connected to the server.
  • Roles: Displays if the selected user has been assigned an additional server role. If you would like to find out more about the server roles, please click here.
  • Address: Displays a user's IP address if the user is currently connected to the server.
  • Full name: Displays a user's full name which can be entered and defined in the General tab of the user properties.
  • Email: Displays a user's email address provided it has been added to the Server Manager.
  • Department: Displays a user's department provided it has been added to the Server Manager.
  • Open databases: If a user is connected to the server this column shows the database a user is working with.
  • Last login: Indicates the exact point in time when the user logged on to the Password Depot Enterprise Server for the last time.
  • 2FA: Displays the two-factor authentication status of the respective user. Possible values are Disabled, TOTP, Email, or FIDO2, each with an indication of whether the method has already been activated.

Besides, more options are available on the right:

  • New user: Use this button if you would like to add new, local users to the Server Manager. The dialog window Add user will be displayed afterwards. You can enter here the user name and password of new, local users (Password Depot credentials type of authentication).
  • New administrator: Creates an additional super administrator account. This account cannot log in to the client and is intended exclusively for administration in Server Manager.
  • Properties: Open the User properties dialog box.
  • Delete: You can delete selected users in the Server Manager.
  • Duplicate: Creates a copy of the currently selected user. This option is only available via right-clicking when exactly one user is selected.
  • Disconnect: You can disconnect selected users from Password Depot Enterprise Server.
  • Synchronize: You can use this option to synchronize selected users with Active Directory or Microsoft Entra ID separately without launching the Active Directory or Microsoft Entra ID wizard and starting the whole synchronization process all over again. In any case, however, please note that this option can only be used if the respective user was added to the Server Manager through Active Directory or Microsoft Entra ID synchronization before. Therefore, the Synchronize option in the Users area can be used, for example, for updating an already existing user in the Server Manager separately if their Active Directory/Microsoft Entra ID data has changed. In this case, it will not be required to perform AD/Microsoft Entra ID synchronization again for all users if individual users need to be updated only.
  • Assign database: Administrators can assign single databases to single or multiple users at the same time. Besides, they can also create new server databases here and assign them to single or multiple users at the same time subsequently. In the Permissions tab administrators can assign user rights at database level right away. You can also create private databases for your users here. Those private databases are also stored to the company's server. You can find out more about private databases in the chapter Assign Database.
  • Reset 2FA: If Two-Factor Authentication for the server login is enabled, you can choose this option to reset the 2FA settings for single or multiple users. This will generate a new secret key and delete all trusted devices for the selected users. The selected users will then have to start the 2FA process all over again, that is, next time they want to connect to the server they will have to scan the QR code again and enter the 6-digit code.

NOTE: The Synchronize option uses by default the server's own SYSTEM account.

HINT: You can also access these options by right-clicking a user from the list. Apart from that, you can also filter the main view, for example if you would like to search for a specific user. The filter searches the user name, full name, and email address. To do so, enter the search term or a part of it to start the search.

The following options are available in the top section under Bulk operations or Select:

  • Export users: Exports the selected users to a CSV file. The exported file includes, among other things, user name, UUID, authentication mode, email, full name, department, group memberships, and other user data. This function is only available to administrators.
  • Import users: Allows you to import users into the Enterprise Server from an external file. This function is only available to administrators. More information can be found here.
  • Select all: Select all users available in the Server Manager. You can then perform further actions which will be applied to all server users.
  • Select none: Removes all selections made.
  • Invert selection: Restores the previous selection status.