Access and User Management

Similar documents
PROFITstar November PROFITstar Budget Manager Reference Guide. Hosted Version

DUS DocWay TM Loan Documents User Guide. January 2019

TRAVEL PORTAL INSTRUCTIONS

ProSuite and Stewart Title NextSTEPS

Quick Reference Guide: General Budget Change

Third Party Administrator (TPA) Guide to CONNECT

TAX GROUP USER GUIDE (REGISTRATION, AMENDMENT AND DE- REGISTRATION) December 2017

POSTINGNOTICE.com It s easier this way

Reference Guide. Sales and Use Tax e-services Webinar January 2018

School Online Payments Parent User Guide

Master User Manual. Last Updated: August, Released concurrently with CDM v.1.0

Frequently Asked Questions Guide

To Enable Access to Encompass LO Connect: 1. On the Encompass menu bar, click Encompass, and then click Settings.

STUDY PLANNER STUDENT SUPPORT GUIDE

Secure Website Encompass Loan Center

Plan Access ABA-RF Guide

14. Roster Processing

X-Charge Credit Card Processing

PriceMyLoan.com Lender AE Guide. Revision 0707

CTIMS FLA Carl Perkins Worksheet & Application Guidebook

FREQUENTLY ASKED QUESTIONS

Ceridian Source Self-Service Benefits

To create your own password, log in via the link in the second .

WHEDA-Connect Administrators and Users Manual

HomePath Online Offers Guide for Listing Agents

Member Access Manual. Contents. Registration Process Logging In Making a Donation Donation History Account Information

USER GUIDE AMC BANKING 365 BUSINESS MICROSOFT DYNAMICS 365 BUSINESS CENTRAL FOR. English edition. AMC Consult A/S 26. October 2018 Version 2

Payment Center Quick Start Guide

Quick Reference Guide Welcome TEST USER

2014 EMPLOYEE SELF SERVICE GUIDE

Any symbols displayed within these pages are for illustrative purposes only, and are not intended to portray any recommendation.

FLORIDA SURPLUS LINES SERVICE OFFICE. IPC Procedures Manual

Online Help for Client Employees

Infinite Campus Portal Parents Quick Reference

KIM ENG SECURITIES KEHK TRADE - INTERNET TRADING PLATFORM. User Manual (English Version) Jun 2013 Edition

Guide to Credit Card Processing

Payment Center Quick Start Guide

If it has do you know the employer ID? Has the pension scheme already been set up within Star Payroll Professional? o

4.9 PRINTING LENDING FORMS

2018 IRS ACA Reporting Completing Your Confirmation Page

Propertyware epayments. Powered by RealPage

An overview of the financial profile fact finder

EASY DEMAT SOLUTION SOFTWARE USER MANUAL (CLIENT VIEW)

Employee New Hire and Life Event Guide

For Lenders. Accessing LOS: LOS is a web based program that can be accessed at the following URL address:

Mobile Trading User Guide. For iphone

RISD 2018 Voluntary Insurance Open Enrollment Dec-01 Dec-15, Benefit Enrollment Instructions

FAIRFIELD PUBLIC SCHOOLS. Munis Self Service

Viewing and Updating W-4 Information in Drexel One

Aliceblue Mobile App. User Manual

PAYER GUIDE THE STUDENT S GUIDE TO MAKING INTERNATIONAL PAYMENTS WITH FLYWIRE FLYWIRE.COM

ALLEGANY CO-OP INSURANCE COMPANY. Agency Interface. Choice Connect User Guide

Viewing Fees. PATH: Portal > Family > Payments

Ikano Online Credit Approval

Your Wealth Management Portal

Quick Reference Guide Welcome TEST USER

Dashboard. Dashboard Page

Construction Budget Application Using Procorem

ACCESSING THE RESIDENT PORTAL

Making an Online Payment

Instructions for Dominican s Financial Aid Portal

MyPenPay User Guide. Login Page

User Manual How to Submit an Online Research Proposal to Provincial Health Research Committee (PHRC) National Health Research Database

Making an Online Payment

Step 1: Log in to your student information system (SIS) account at go.sfu.ca

Quality Control Advisor SM. User Guide. January 2018

Log In to Your Account. Change the Investment Mix for Your Current Balance. Change Future Contributions Investment Elections

Individual Taxpayer Electronic Filing Instructions

A16 Documenting CECAS PRC 29 Request & Baseline SIF Data Training Script ( ) 1

Web Benefits Admin User Guide

Margin Direct User Guide

INVESTOR PORTFOLIO SERVICE (IPS) ONLINE USER GUIDE

Radian Mortgage Insurance

iprice LoanEDGE Quick Start Guide

User Manual How to Submit an Online Research Proposal to National Department of Health. User Manual How to Submit an Online Research Proposal

1. Welcome to BenefitBridge. To access the BenefitBridge portal, login to BenefitBridge from the internet. 2. In the internet address bar, type:

StuckyNet-Link.NET User Interface Manual

Automated Asset Assessment with Loan Product Advisor

Claims Packaging Tool Servicer Support User Manual Version 1.0 Effective Date : 07/11/2018

Mobile Forex trading with TradeRoom Mini

UNIVERSITY OF GHANA OFFICE OF RESEARCH, INNOVATION AND DEVELOPMENT (ORID) Grant Application Guide

DAY AHEAD MARKET WEB APPLICATION

Using the CTELL Portfolio

VHFA Loan Origination Center

Accessing and Using CentreSuite

ASSURANT FIELD ASSET SERVICES INTEGRATION

Liberty University Online Student Financial Check-In

SOARFIN Training Manual Procurement Card Cardholder, Reconciler

Fiscal Closing Methods Summary

VAT REFUND USER GUIDE

P2 Explorer for Qbyte FM

PVCC S STRATEGIC PLANNING ONLINE SYSTEM (SPOL)

BBPadmin s WebCOBRA On Demand Employer User s Guide. BBPadmin s Employer User s Guide to

BrokerX. Quick Start. Supported Browsers: Internet Explorer Microsoft Edge Chrome Firefox

Policy. Chapter 6. Accessing the Policy. Nexsure Training Manual - CRM. In This Chapter

Introduction to Client Online

Claims. Chapter 11. Adding a Claim. HOW to Add a Claim. Nexsure Training Manual - CRM. In This Chapter

Money Management (MX) Frequently Asked Question s

FOR USE FROM APRIL 2019

Pay. Quick Start Guide Creditor Payments. Pay QUICK START GUIDE CREDITOR PAYMENTS

Transcription:

Date published: 25.06.2018 Estimated reading time: 30 minutes Authors: Editorial Team The bookmarks and navigation in this tutorial are optimized for Adobe Reader. Access and User Management 1. Introduction 1. Introduction 2. Prerequisites 3. How to log into your OTC account a. Overview b. Logging in via MyWorkplace c. Multitenant Login d. Recommendations 4. How to create new OTC users a. Overview b. Creating new OTC users in MyWorkplace c. Creating new OTC account users with IAM d. Recommendations 5. How to manage OTC users a. Overview b. Managing OTC users in MyWorkplace c. Managing OTC users with IAM d. Recommendations 6. Help Resources 7. Conclusion 8. List of Abbreviations 9. Document History This tutorial provides new Open Telekom Cloud (OTC) customers with a detailed overview of how to access their OTC environment, how to create new users, and how to manage these users. Who should read this tutorial? In particular, new OTC customers should read this tutorial. The tutorial was created especially for the users of new OTC customers who will have the appropriate user management permissions in both the customer s MyWorkplace account and OTC account. The reason is that users with these kinds of permissions will be the people who will be able to create new OTC users, decide how these new users will access the OTC account, and decide what types of OTC user permissions they will have. What will you gain from reading this tutorial? For these types of OTC access and user management activities, more than one method is available. This tutorial is focused on providing you with an overview of these methods, how they work and how to use them. After reading this tutorial, you will have a good understanding of how to accomplish the following: How to log into your OTC account with a browser How to create additional users for your OTC account How to manage OTC users and their permissions Where you can find additional help resources 1

2. Prerequisites Before you can start accessing MyWorkplace and your new OTC account, you need to make sure the following prerequisites have been met: a) MyWorkplace Prerequisites You have access to MyWorkplace You need to make sure that your MyWorkplace account has been activated and you are able to login into MyWorkplace. - Existing TelekomCLOUD service users: If you are already using other TelekomCLOUD infrastructure services (such as DSI vcloud or AppAgile), you should already have an activated MyWorkplace portal account. In this case, when you log into MyWorkplace, your newly ordered OTC service should now appear on your MyWorkplace homepage. If this is not the case, you should immediately contact Open Telekom Cloud support. - New TelekomCLOUD service users: If, on the other hand, OTC is the first cloud infrastructure service you have ordered with Telekom, then you will be provided with a new MyWorkplace account. You need to make sure that the account and access have been activated. Immediately after you ordered your OTC service, you should have been notified via email of the steps you need to take to activate and access your account. If after ordering your OTC service you did not receive such an email notification (please also check your spam), and have not yet been informed about how to access your MyWorkplace account, you should immediately contact Open Telekom Cloud support. You have user management permissions in MyWorkplace In MyWorkplace, you must be a user who has user management permissions. This is required if you want to use MyWorkplace to create and manage OTC users. You have such permissions if one of the following applies: - Either you are the person who ordered the OTC service: By default, the person who ordered the OTC account is the owner of the account. This person is automatically allocated technical and commercial administrator permissions in MyWorkplace. - Or you received such MyWorkplace account permissions from the OTC account owner: Alternatively, another person may have ordered the OTC account. In MyWorkplace, this person may have created a new MyWorkplace user account for you that includes user management permissions. NOTE: To determine if you have user management permissions in MyWorkplace, log into MyWorkplace and then look for the menu tab called User Management at the top of your MyWorkplace screen. The tab is only visible for MyWorkplace users who have user management permissions. If it is visible, it is located between the menu tabs My Infrastructure and Service & Help. The User Management menu tab is highlighted in red in the cutout of the MyWorkplace menu tabs pictured below. MyWorkplace upper menu tabs: if the User Management tab is visible, then you have user permissions b) Open Telekom Cloud Prerequisites Your new OTC account is ready for service As soon your MyWorkplace account has been set up and you are able to log into MyWorkplace, you should have received a ready-for-service email notifying you that your OTC account is ready for use. If you or the MyWorkplace account owner did not yet receive a ready-for-service email, please do not hesitate to contact Open Telekom Cloud support. 2

In your OTC account, you have security administrator permissions Only an OTC user with security administrator permissions in the OTC account can perform the user access and management activities in that account. You have such permissions if one of the following applies: - Either you are the person who ordered the OTC account: As already mentioned above in the MyWorkplace prerequisites, if you are the person who ordered the OTC account then you are the owner of that account. The OTC account owner is automatically allocated full OTC account administrator permissions. - Or you received such OTC account permissions from the OTC account owner: Alternatively, the OTC account owner may have allocated such permissions to you. 3

3. How to log into your OTC account a. Overview The two browser-based methods for accessing your OTC account There are two ways to access your OTC account with a browser: One way is to first log into MyWorkplace and then, on the MyWorkplace homepage, click on the available OTC account listed under Your Cloud Infrastructure. This access method is explained below in part b of this section. The other way is to login via the OTC Multitenant Login page. This access method is explained below in part c of this section. The login pages of both methods are pictured below. Accessing your OTC account with a browser: the two login methods Logging into your OTC via the MyWorkplace homepage Logging into your OTC via the Multitenant Login page What is main difference between the two login methods? The main difference between the two browser-based login methods can be summarized as follows: OTC account login via MyWorkplace: This login method can only be used by MyWorkplace account users who have OTC user permissions. OTC account login via the Multitenant Login page: When you use the Multitenant Login page to log into an OTC account, you are logging directly into your OTC. - This login method can be used by MyWorkplace users who have OTC user permissions. - This login method can also be used by OTC account users. These are OTC users that were created in the OTC account with the Identity and Access Management service (which is explained in section 4c). OTC account users do not have a MyWorkplace user account and do not have access to MyWorkplace. Rather, they only have an OTC user account. As a result, these users can only use the Multitenant Login page to log into your OTC. Both login methods get you to the Management Console homepage in your OTC account. The Multitenant Login method gets you directly to your OTC account s Console homepage, whereas the MyWorkplace method first gets you to your MyWorkplace homepage, where you will find a link to the OTC account or accounts you have ordered. When you click on one of the available OTC account links, a new browser will open up displaying that OTC account s Management Console homepage. The Management Console homepage is pictured below. 4

OTC Management Console homepage Your OTC account s Management Console is a web application that contains a broad collection of individual service consoles for managing your OTC account s resources. The Console homepage provides access to each service console as well as a user-friendly interface for exploring OTC and getting helpful tips. For customers who have multiple OTC accounts, the OTC resources of each account are isolated from one another. This means that each OTC account has a separate Management Console. In parts b and c below, both login methods and how to use them are explained in more detail. 5

b. Logging in via MyWorkplace As already mentioned above in the Prerequisites, customers who have already been using MyWorkplace to manage other TelekomCLOUD services they have ordered should be familiar with how to use MyWorkplace to access their OTC account. If you are already familiar with MyWorkplace, please skip this part and proceed to part c below about how to use the Multitenant Login to access your OTC environment. If you are new to MyWorkplace, make sure the requirements for accessing and using MyWorkplace mentioned above under Prerequisites are in place before reading on. What is MyWorkplace? MyWorkplace is your virtual workplace in the TelekomCLOUD. It is a self-service portal that provides centralized access to all of your TelekomCLOUD services, including OTC. You can log into MyWorkplace with the following link: MyWorkplace login page: https://myworkplace.t-systems.com/ After clicking on the above link and using your MyWorkplace username and password to log in, you will see your MyWorkplace homepage, which is pictured below. On the homepage, you will see your available OTC accounts listed under Your Cloud Infrastructure. MyWorkplace and OTC tenants: what are tenants? On your MyWorkplace homepage, your OTC accounts are listed in the form of OTC tenants. When a customer orders OTC, a tenant with a dedicated logically isolated virtual cloud is set up and assigned to the customer. An OTC tenant extends across two physical Telekom datacenters (so called availability zones). For each OTC tenant, a separate OTC account is created. An OTC customer may order and use only one OTC tenant (minimum) or multiple tenants. In MyWorkplace, all of a customer s OTC tenants are listed by their respective OTC account names. To make this more understandable, have a look at the MyWorkplace homepage pictured below and the highlighted features explained on the right. MyWorkplace homepage: your OTC account OTC account is easy to find Your Cloud Infrastructure This is where all of a customer s TelekomCLOUD infrastructure services are listed, including OTC. OTC Tenants (OTC Accounts) Here you see a list of the customer s OTC tenants. In this case, the customer has only ordered a single OTC tenant. Each OTC tenant a customer orders is listed in the customer s MyWorkplace. And each OTC tenant is listed by its respective OTC account name, which is automatically generated during account setup and registration. Accessing an OTC Account In MyWorkplace, access to an OTC account only requires a mouse click. This will open up a new browser window displaying the Management Console homepage for that specific OTC account. An additional login for the selected OTC account is not required In the MyWorkplace homepage pictured above, as soon as a MyWorkplace user clicks on the OTC account listed under Your Cloud Infrastructure, the access to the OTC account s Management Console homepage is automatic and does not require an additional login or authentication. 6

c. Multitenant Login Above in part b, how to log into MyWorkplace and access your OTC account was explained. In this part, the second main method for accessing your OTC account with a browser is explained, which is by logging in via the OTC Multitenant Login page. What is the Multitenant Login page? The Multitenant Login page allows OTC users to directly log into an OTC account. This login method does not involve having to first log into MyWorkplace. The Multitenant Login page link is the following: Multitenant Login page: https://console.otc.t-systems.com/console/ Clicking on the Multitenant Login link listed above will take you to the login page pictured below. Multitenant Login page The Multitenant Login page allows a user to log directly into an OTC account. Login details To log in, users use their domain name, username or email address, and password. First-time login requirements For MyWorkplace users with OTC permissions, in order to use the Multitenant Login page, they first must use the Forgot password? function highlighted here to set a new password. This is explained below. OTC Account Users For users that were created in directly in your OTC account (OTC account users), this is the only browser-based login method. A manual password reset like with MyWorkplace users is not required. Multitenant Login page: allows users to directly log into an OTC account First-time login requirements for MyWorkplace users Before MyWorkplace users can use the Multitenant Login page to log into a specific OTC account, the following requirements must be fulfilled: In MyWorkplace: MyWorkplace users must have OTC user permissions As explained above under Prerequisites, MyWorkplace users need to be allocated OTC user permissions for the OTC account they are supposed to have access to. On the Multitenant Login page: MyWorkplace users must first to a password reset Each MyWorkplace user must first manually set a new password. The steps to do this are explained below. Multitenant password reset steps - Go to the Multitenant Login page. Your browser should show the same login page pictured above. - As you can see in the Multitenant Login page pictured, there are three empty text fields requesting the following information: Domain Name (top field); Username/Email address/mobile number (middle field); and Password (bottom field). Leave all three fields empty. - Click on Forgot password?, located under the magenta Log In button. 7

a) Domain Name: Leave this field empty. What a domain name is, is briefly explained below in the next step where you will need to enter it. b) Username/Email address/mobile number: Enter your email address. c) Password: Leave this field empty. d) Forgot password?: Click on this link located under the magenta Log In button. - After clicking on Forgot password?, your browser will switch from the Multitenant Login page pictured above to a multistep Forgot Password page. Each step is explained and pictured below. On the Forgot Password page, proceed as follows as follows: a) Step 1 - Confirm Account (pictured below): Multistep Forgot Password page: Step 1 Confirm Account - Domain Name: Enter the domain name of the OTC account you want to log into. What is a domain name? When the Multitenant Login method is used to log into an OTC account, the domain name of that account s tenant is required. OTC tenants are briefly explained above in part b. The domain name of an OTC tenant is the same as that OTC tenant s account name. So what you need to enter here is the OTC account name. Where can you find the domain name (OTC account name)? Log into MyWorkplace. On your MyWorkplace homepage, under Your Cloud Infrastructure, you will see your OTC account names. This is described and shown above in part b. On your MyWorkplace homepage, use your mouse to highlight and copy the OTC account name and then paste it into the Domain Name text field in the Confirm Account window pictured directly above. - Email Address: Enter your email address. - Next: Click on the magenta Next button. b) Step 2 - Reset Password (pictured below): 8

Multistep Forgot Password page: Step 2 Reset Password - New Password: Enter a new password in the New Password field. - Confirm Password: Reenter your new password. - Email Verification Code: Click on Get Code, which is located to the right of the Enter the code text field. After only a few seconds, you should receive an email containing the following message in the subject line: Email verification code for Open Telekom Cloud. The email contains a verification code. Copy it and paste it into the Enter the code field directly next to Email Verification Code. NOTE: If you do not immediately receive an email with the verification code, check your spam folder. If the email is not in your spam folder, click on the Get Code link again. - Next: Then click on the magenta Next button. c) Steps 3 - Finish: After entering the email verification code and clicking on Next, you can use the Multitenant Login page to log into your OTC account. 9

d. Recommendations This section described the two methods that can be used to log into an OTC account with a browser. A brief summary of the two login methods for different user types MyWorkplace users with OTC permissions can use both methods. For these types of OTC users, accessing a specific OTC account via MyWorkplace only requires them to log into MyWorkplace. After that, they only need to click on the OTC account listed on their MyWorkplace homepage, which will open up a new browser window displaying their OTC account s Management Console. These same users can also use the Multitenant Login page to log into their designated OTC account, yet to do so they first need to do a manual password reset on the page. OTC account users, on the other hand, can only use the Multitenant Login page to log into an OTC account. These types of OTC users are not MyWorkplace account users. Rather, they are users that were created directly in the OTC account they have access to. The user who created them has the required security admin permissions and used the OTC account s Identity and Access Management (IAM) service to create new OTC account users. This is explained in part c of the next section, which describes how to create new OTC users in MyWorkplace and directly in your OTC account. The following table gives you an overview of the different types of users and their access options for OTC. Type of user Access to services by type of user MyWorkplace OTC Account other TelekomCLOUD Services MyWorkplace user x if applicable MyWorkplace user with OTC permissions x x* if applicable OTC account user (IAM) Overview of which type of user has access to MyWorkplace and/or your OTC account *User can access an OTC account via MyWorkplace as well as via the Multitenant Login page. Immediately after these users have been allocated OTC user permissions in MyWorkplace, they receive an email notification containing the MyWorkplace link. **User can access an OTC account only via the Multitenant Login page. Immediately after these users have been created, they receive an email notification containing the Multitenant Login link. x** Which login method should you and your OTC users use? This is a question you should begin asking yourself as soon as you need to start creating new OTC users. The reason is that as soon as you start creating new OTC users, you need to start managing them. The more OTC users you create, the more important it becomes to be able to manage them in a centralized, efficient manner. With this in mind, how you decide you want OTC users in your OTC environment to be managed should play a determining role in how the users are created (i.e. in MyWorkplace or directly in the OTC account they should have access to). How the OTC users are created will in turn determine which login method they will be able to use. The next two sections focus on how to create and manage OTC users, respectively. Just like with logging into an OTC account with a browser, which is covered in this section, there is more than one method you can use for creating new OTC users. There is also more than one way you can use to manage OTC users. It is strongly recommended that you read both sections. After you have done so, you will have a solid understanding of the factors you need to keep in mind as you begin to build your OTC environment by creating new users and granting them access. 10

4. How to create new OTC users a. Overview The previous section described the two (browser) methods that can be used to log into an OTC account. There are also two methods that can be used to create new OTC users for an OTC account, and that is what this section will focus on. You can create new OTC users for an OTC account in MyWorkplace. You can also create new OTC users for an OTC account directly in that account with the account s Identity and Access Management (IAM) service. What s the difference between the two methods? Before describing and explaining the two methods below in part b and c, it is important to gain a general understanding of the two methods and their main differences. This will help you better decide when and why which method for creating new OTC users makes more sense. Creating a new OTC user in MyWorkplace: Creating a new OTC user in MyWorkplace includes one of the following two scenarios: - Existing MyWorkplace account users: The person you would like to allocate OTC account user permissions to already has a MyWorkplace user account in your MyWorkplace. In this case, you need to modify this user s MyWorkplace permissions by adding the required OTC account user permissions. - New MyWorkplace account users: The person you would like to allocate OTC account user permissions to does not yet have a MyWorkplace user account in your MyWorkplace. In this case, you need to create a new MyWorkplace user account for this person and, while doing so, also add the required OTC account user permissions. In both cases, a MyWorkplace user who has been allocated OTC account user permissions in MyWorkplace is a MyWorkplace user with OTC permissions. Creating a new OTC account user in your OTC account (with IAM): Instead of creating a new OTC user in MyWorkplace, you can also create one directly in your OTC account. This type of OTC user is created with the IAM service in the respective OTC account. OTC users created with an OTC account s IAM have nothing to do with your MyWorkplace account. The reason is that this type of OTC user does not have a MyWorkplace user account and thus does not have access to your MyWorkplace. Rather, when you create this type of user in your OTC account, you are creating a new OTC user account. This type of OTC user is described as an OTC account user. Both methods are explained below in part b and c, and in part d of this section followed up with some helpful recommendations to help you decide which method you should use to create new OTC users. Each OTC account can have a maximum of 50 users. By default, the number of OTC users in an OTC account is limited to 50. This includes both types of OTC users described above. Both MyWorkplace users with OTC permissions for a specific OTC account as well as OTC account users in that OTC account are 11

b. Creating new OTC users in MyWorkplace This part describes how you can create new OTC users in MyWorkplace. As already explained above in the overview in part a, creating a new OTC user in MyWorkplace can either mean creating a new MyWorkplace user and allocating OTC user permissions to this user; or allocating OTC user permissions to an existing MyWorkplace user. As an example, the process of creating a new MyWorkplace user and allocating OTC user permissions is described below step by step. Log into MyWorkplace and go to the Create User page To begin with, you need to log into your MyWorkplace. Once logged in, you need to go to the Create User page. This page is pictured below and its main features are explained on the right. Create User page To create a new user, click on the User Management menu tab at the top of your MyWorkplace screen. Choose Create User in the dropdown menu. This will take you to the Create User page pictured here. Personal Data of new user Enter the personal data of the new user. NOTE: In the Language dropdown menu, you can currently choose between English and German. This only applies to MyWorkplace, however, and not to OTC. The only language currently available in OTC is English. OTC Permissions of new user Determine which permissions the new user should have. This is where you can allocate OTC user permissions for your OTC account. If you have more than one OTC account, you can grant a new or existing MyWorkplace user access to only one or more specific OTC accounts or to all of your OTC accounts. The Create User page in MyWorkplace The Create User page pictured above in MyWorkplace is where you can create new MyWorkplace users and allocate specific user permissions. In the example here, a new MyWorkplace user will be created and OTC user permissions allocated. This only requires three basic steps, which are number highlighted on the page pictured directly above and explained in detail below. (1) Personal Data: The new user s personal data needs to be filled in. The Language dropdown menu only applies to MyWorkplace. (2) Permissions: In this part, the new user s permissions for both MyWorkplace as well the customer s OTC account can be allocated. Both types of permissions are briefly explained below. MyWorkplace Portal permissions: The possible choice of permissions that can be allocated are: User or User Manager. - User: This permission means the user has authorization to use MyWorkplace. It is a default permission and automatically allocated to every new user created in MyWorkplace. - User Manager: User Manager permissions mean the user has authorization for user management and role & rights assignment in your MyWorkplace. With this permission, the new user can create new MyWorkplace users as well as 12

change the MyWorkplace permissions (including OTC user permissions) of existing MyWorkplace users. Open Telekom Cloud permissions: This is where the new MyWorkplace user can also be allocated user permissions for your OTC account (or more than one account if your happen of have multiple OTC accounts). If you click on the magenta Add next to User (under Open Telekom Cloud) in the picture above, the following Add/Remove OTC Permissions popup window pictured below will appear. Add/Remove OTC User Permissions popup window in MyWorkplace The popup window pictured above contains a list of all of a customer s available OTC tenants (OTC accounts). When creating a new OTC user in MyWorkplace, the desired OTC tenants (OTC accounts) the user is supposed to have access to can be selected from popup window. In the example pictured above, the popup window only contains a single OTC tenant. This is the same single OTC tenant that is visible in the example explained above in section 3b about logging into your OTC via MyWorkplace. In the example pictured above, the one available OTC tenant has been selected. Clicking on the magenta Save button in the lower right-hand corner will close the popup window and return you the Create User page (3) Send: On the Create User page pictured further up in this part, click on the magenta Send button in the lower right-hand corner of the page. After you complete the above steps on the Create User page and click on send, the following Telekom email notifications will be generated and immediately sent out: You, or the MyWorkplace user with User Manager permissions who created the new user, will receive an email notifying you that the new MyWorkplace user account has successfully been created. At the same time, the new MyWorkplace user will receive an email with information about access to the MyWorkplace portal and how to perform a required password reset. After the new user has performed the password reset, the user will then receive a further email notifying him or her that their access to the customer portal "MyWorkplace" is now available. 13

Important to know: By default, all OTC users created in MyWorkplace have user management permissions in their OTC account. While this issue is about managing OTC users, which is explained in the next section, it is important to mention it here. This default setting in MyWorkplace means that for each new OTC user created in MyWorkplace, the following points are important to keep in mind: Default administrator user management permissions: By default, each time a MyWorkplace user is allocated OTC user permissions for a specific OTC account, this user automatically has administrator permissions in that OTC account. OTC users with these permissions can manage other OTC users, OTC user groups, and OTC user group permissions. Modifying these default user management permissions: These default admin permissions can only be changed directly in your OTC account by an OTC user with security administrator permissions. 14

c. Creating new OTC account users with IAM An alternative to creating new users for an OTC account in MyWorkplace is to create them directly in the OTC account they are supposed to have access to. The way to do this is by logging into the designated OTC account and using that OTC account s Identity and Access Management (IAM) service. What is IAM? IAM provides identity management and access control functions for a public cloud system, in this case your OTC environment. To share the resources in your OTC account with other users, you can access the IAM service in your OTC account with security administrator permissions to create new OTC account users and specify their security credentials and permissions. These types of OTC users can then access your OTC account with a browser via the Multitenant Login page explained above in section 3c. And as explained at the start of section 3, these types of OTC users are not MyWorkplace account users and thus do not have access to your MyWorkplace. How can you find and access IAM in your OTC account? The IAM service in your OTC account is easy to find. To do, simply follow the steps below. (1) Requirements: As already mentioned at the start of this tutorial under Prerequisites, you need to have security administrator permissions in your OTC account. (2) Log into your OTC account s Management Console. To do so, you can use either of the two login methods that were explained above in section 3: logging in via MyWorkplace or logging in via the OTC Multitenant Login page. (3) As already mentioned above in section 3a, when you log into your OTC account, you will see your OTC account s Management Console homepage. On the homepage, which is pictured below, look for the service console Management & Deployment. If necessary, click to expand and then click on Identity and Access Management. Both are highlighted below in red. OTC Management Console homepage: the service console Management & Deployment (4) After clicking on Identity and Access Management, you will see the IAM service page, which is pictured below. You will find a navigation pane on the left-hand side of the page. 15

The IAM service page, which contains an overview of all users of the OTC account (5) On the IAM service page, choose User (highlighted in red) in the navigation pane. This will display a list of all OTC users. In the example pictured above, four users are currently listed. How do you create a new OTC user in IAM? Now that you are on the IAM service page in your OTC account, follow the steps below to create a new user. Each of the steps explained below are number highlighted on the IAM service page pictured above and on the following two Create User pages pictured below. (1) To create a new user, click on the click on the magenta + Create User button on the upper right-hand side of the IAM service page (picture above). This will take you to the Create User page, which is pictured below. Create User page (part 1) (2) Username (mandatory): Enter a username for the new user. (3) Credential Type (mandatory): Here, you can choose between Password and Access key. Password and Access Key: What s the difference? - Password: This password will be used to log into your OTC s Management Console. It can also be used to enable development tools (such as APIs, the CLI, and SDK) that can access cloud services through password authentication. - Access Key: An access key is used to enable development tools (such as APIs, the CLI, and SDK) that can access cloud services through key authentication. To learn more about access keys and access key authentication and how to use them in your OTC account, click here. 16

What should you select? - Select Password: For this example, let s assume that the new user being created will only need to log into your OTC account s Management Console with a browser. As a result, you need to select Password. - Modifying a user s credentials later on: If, later on, this new user should also require an access key, it is possible to modify the credentials and create and add such a key. OTC users created in the IAM and MyWorkplace can modify their own authentication information, including verified email addresses, verified mobile numbers, and passwords. To learn more about how to do this, click here. (4) User Group (optional): Select a user group which you want to add the user from the dropdown list box in the User Groups area. What is a user group? A user group is a collection of users who have the same operation permission. What does a user group accomplish? User groups centralize user management and streamline permission management. When should you start planning to create user groups? You can plan user groups based on users' responsibilities and grant them the corresponding permissions. Users in a user group have all of its permissions. Can you create a new user without first having created at least one new user group? Or, if you have already created one or more user groups, is it possible to create a new user and not allocate it to any of the user groups? The answer is to both questions is yes. This is an optional setting. A new user that is created and not added to a user group will still be able to log into your OTC account. After logging in, the user will see the OTC account s Management Console homepage, yet will not be able to access and use any of the console services. NOTE: By default, each OTC account contains the following two preconfigured user groups: - admin: The admin user group is preconfigured with user permissions for all system operations in the OTC account including user management. Users in the admin user group can manage all of the users and resources in that specific OTC account - power user: The power user user group is preconfigured with user permissions for all system operations in the OTC account excluding user management. When creating a new OTC user in an OTC account with IAM, you can add the user to one of these default user groups or to another user group which you have created, or as mentioned above, not add the user to any user group. What should you select? If you have not yet created any user groups in your OTC account, you can leave this option empty for now. After you have created one or more user groups, you can then go back into your OTC account s IAM and add the user to one or more of the available user groups. The concept of user groups is briefly described in the in the next section, which focuses on how to manage your OTC users. (5) Description (optional): Enter a brief description about the user. Once you start creating more than one user, this can be helpful for keeping track of and identifying users on the IAM service page pictured above in step 4. (6) Click on the magenta Next button at the bottom of the Create User page. The page will switch to the one pictured below. 17

Create User page (part 2) (7) Password Type (mandatory): Specify the password type for the new user. The choices are briefly explained below. Specifying a password type for your new user: - Set at first login: A one-time login URL will be emailed to the specified user. The user sets the password when logging into your OTC s Management Console for the first time using this URL. - Automatically generated: The system will randomly generate a password. The password enables development tools (such as API, CLI, and SDK) that support password authentication to access cloud services. - Set manually: Enter a custom password. Which of the three options above should you select? - Select Set at first login: For this simple example, you should select the option Select at first login. This is the easiest and quickest option to select for new OTC users who will only need to log into an OTC account s Management Console with a with a browser. - Modifying a user s password later on: It is possible for a user to modify his/her password type later on. (8) Email (mandatory): Enter the new user s email address. The login link will be sent to this email address. (9) Mobile Number (optional): Enter the new user s mobile number. (10) Click on the magenta OK button at the bottom of the page. The new user will immediately receive an email notification containing the following information: - The user s administrator has created an OTC user account for the user. - The user s credentials: a) Domain name b) Username c) One-time login link - The email address of the administrator who created the account, in case the user has any questions. In this example, it would be your email address. 18

d. Recommendations As soon as you start creating new users for your OTC environment, you need to ask yourself which of the two methods described above in part a and b you should use. As you begin to create users, you may decide to always use only one method. Or you may decide to use both methods, creating some OTC users in MyWorkplace while creating others with IAM in your OTC s account. As a general rule, consider creating your new OTC users in your OTC account with IAM. When you are about to create a new OTC user, you should clarify if this user really needs to be a user in your MyWorkplace. As long as this is not the case, you are advised to create this new OTC user directly in your OTC account with IAM. This is especially the case if you have only one OTC account. In this case, it makes sense to first create a new OTC user for the OTC account with security admin permissions and then have this user create all further new OTC users directly in the account with IAM. You can create the first new OTC user with security admin permissions either in MyWorkplace or directly in the OTC account with IAM. If you create this first new user in MyWorkplace, it is automatically added to the selected OTC account s default admin user group. If you create the user in your OTC account with IAM, you need to manually add it to the default admin user group. In both cases, this new first user will be able to create all further new OTC users in the OTC account and manage them and the resources they need to access and use. The next section will describe how you can use MyWorkplace or IAM in your OTC account to manage your OTC users. The recommendations at the end of the next section describe the general rule mentioned directly above in more detail. 19

5. How to manage OTC users a. Overview In the previous two sections, the methods for how to access and create new users for your OTC environment were described. This section describes the methods for how to manage your OTC users. Managing your OTC users: What does that mean? It means managing your OTC users access to your OTC account: For one, it means deciding who should have permission to access your OTC account. And if you have multiple OTC accounts, it means deciding which OTC user should have access to which OTC account. This is not only about granting specific OTC users permission to access and use specific OTC accounts. Rather, it is also about effectively tracking which user currently has access to which OTC account. The more OTC users you create, the more important it becomes to always know which user has access to which account. It also means managing your OTC users permissions in your OTC account: This refers to the allocation and management of your OTC users individual permissions in their respective OTC account or accounts. In other words, this is about managing what each of your OTC users is and is not allowed to access and use within the OTC accounts they have permission to access. Managing your OTC users in MyWorkplace vs managing them with IAM in your OTC account: What s the difference? MyWorkplace - Which OTC users you can manage in MyWorkplace: In MyWorkplace, you can only manage MyWorkplace users. This includes MyWorkplace users with OTC user permissions. OTC users who were created directly in your OTC account with IAM (OTC account users) cannot be managed in MyWorkplace. - What OTC user permissions you can manage in MyWorkplace: For all MyWorkplace users with OTC user permissions, it is only possible to manage the OTC permissions of these users that they have been allocated in MyWorkplace. The only OTC permissions that can be allocated in MyWorkplace are OTC user permissions. As already explained above in section 4b about creating new OTC users in MyWorkplace, OTC user permissions that are allocated to a MyWorkplace user provide this user with (a) access to a selected OTC account and (b) default admin permissions in the selected OTC account. In MyWorkplace, it is only possible to add or remove these OTC user permissions. They cannot otherwise be modified in MyWorkplace. Rather, all further OTC user permissions that these users require for accessing and using specific resources in OTC must be allocated, modified and managed directly in your OTC s account with IAM. This explained in the next point directly below and in detail further below in part c of this section Part b below explains how to manage OTC users in MyWorkplace in more detail. IAM (OTC account) - Which OTC users you can manage in your OTC account: In your OTC account, you can use IAM to manage MyWorkplace users with OTC user permissions as well as OTC account users. - What OTC user permissions you can manage in your OTC account: For both MyWorkplace users with OTC user permissions as well as OTC account users, your OTC account s IAM allows you to effectively manage all of their permissions. Part c below explains how to manage OTC users in your OTC account in more detail. 20

b. Managing OTC users in MyWorkplace As already explained above in the overview of this section, managing OTC users in MyWorkplace is limited to MyWorkplace users with OTC user permissions. The User Management dropdown menu in MyWorkplace The User Management dropdown menu in MyWorkplace was already mentioned above in section 3b, with an explanation on how to create a new OTC user in MyWorkplace. In order to provide a simple example of how to manage a MyWorkplace user with OTC permissions in MyWorkplace, we now return to this same menu. The User Management dropdown menu is where you will find everything to manage your MyWorkplace users OTC user permissions. When you are logged into MyWorkplace, you will see the User Management menu tab located at the top of your MyWorkplace screen. When you click on it, the white dropdown menu appears showing a list of all user management options. This is pictured below. The menu options are highlighted in red. MyWorkplace: the User Management dropdown menu In the dropdown menu highlighted in red in the MyWorkplace page pictured above, the menu options are briefly explained below. User List: The User List contains a list of users of your MyWorkplace account. Each user s first and last name, login name, email address, and user status (either Active or Inactive) is displayed. The user status refers only to MyWorkplace. In other words, if a MyWorkplace user s status in the User List says Active, that means the user has access to MyWorkplace. Whether or not that MyWorkplace user has also been allocated OTC user permissions, does not affect the user s status. Create User: This option was already explained above in section 3b. It allows you to create new MyWorkplace users and, if desired, also allocate OTC user permissions. Delete User: This option pertains to a user s MyWorkplace account. If a MyWorkplace user is deleted, that user s MyWorkplace account including his/her OTC user permissions will be deleted. In the OTC user list in your OTC s IAM, that user will be automatically removed. User Request List: The User Request List is a log of all user-specific workflow actions that have been triggered. These workflow actions are the following: - Create User - Delete User - Change Permissions 21

Change Permissions: If you click on this option, the Change Permissions page appears. This page is almost identical to the Create User page explained above in section 4b. An example of the Change Permissions page is pictured below. The page provides a Select User dropdown menu from which you can select one of the users listed in the user list. After selecting a user, an overview of his/her current MyWorkplace permissions appears. Change Permissions page Click on the User Management menu tab at the top of your MyWorkplace screen. Choose Change Permissions in the dropdown menu. This will take you to the Change Permissions page pictured here. Personal Data After selecting a user, the user s personal data appears. MyWorkplace Permissions After selecting a user, an overview of the user s current MyWorkplace permissions appears. OTC User Permissions In this example, the overview of the selected user s permissions reveals that the user currently has OTC user permissions. This can be modified by clicking on the magenta Remove button. MyWorkplace: the Change Permissions page Adding or removing a MyWorkplace user s OTC user permissions In the example pictured above, it is possible to remove the user s OTC user permissions by clicking on the magenta Remove button. Clicking on magenta Send button will immediately trigger the following actions: - User Request List in MyWorkplace: The User Request List will be updated with the respective workflow action for this user. - Email notification to user: The user will receive an email stating that its MyWorkplace user account has been changed. - Email notification to requester: The requester of the triggered changed permission (i.e. any MyWorkplace user with User Manager permissions) will receive an email stating that the workflow of changing the permissions for the selected user s MyWorkplace user account has been completed. - Removal of the MyWorkplace user in your OTC: On your OTC account s IAM service page, which we already briefly touched on above in section 3c about how to create a new OTC user directly in your OTC, the user will be removed from the list of OTC users. What about managing other OTC user related permissions? As the example pictured above makes clear, the only OTC user permissions of a MyWorkplace user you can manage in MyWorkplace are: either add or remove OTC user permissions. All other OTC user related permissions must be managed directly in your OTC account with IAM. The next part in this section provides an overview of managing OTC users directly in your OTC account with IAM. 22

c. Managing OTC users with IAM Section 4c above briefly described what IAM is and how you can use it to create new OTC users in your OTC account. This part of the tutorial will now describe how you can use IAM in an OTC account to centrally and comprehensively manage all existing users of that account. The IAM service page in your OTC account is where you can find and manage all OTC users. Part c in the previous section described how to create new OTC account users in an OTC account with IAM. Part of that step-by-step description also included how to find IAM and the IAM service page via the Management Console in your OTC account. A picture of the IAM service page was included in the description. For reasons of clarity, the same picture of the IAM service page has been included directly below. IAM service page This is where you can view, track and manage all of the users in your OTC account. User list The list allows you to view a and modify a user s basic information and user group status. Navigation pane The IAM service page: the user list is what you see first, and where you can find and manage all users The IAM service page s user list Whenever you access the IAM service page via your OTC account s Management Console, the first thing you see on the page is the user list. This is visible in the page pictured above, which lists four OTC users. An OTC account s IAM service page includes a list of all users of that account. The user list is where you need to go to view or modify a user s information and permissions. The user list is separated into six main information columns: Username, Description, Status, Last Login, Created, and Operation. Username: The usernames of OTC users created in MyWorkplace are automatically generated and contains a unique 8-digit Identity for Customer Users ID (ICU ID) followed by the OTC account name. This cannot be modified. The usernames of OTC users created in the OTC account with IAM are user-defined and can be modified. Description: You can enter a brief description for each user and modify it whenever necessary. Status: This lets you know the current status of each user in the OTC account. Each user s status can either be Enabled or Disabled. A user s status can be modified at any time. Operation: This is where you can set/modify a user s credentials, modify a user s basic information and user groups, and delete a user. These features are described in more detail directly below. Using the user list to view or modify user information OTC users with security administrator permissions can go to user list and view and modify all other OTC users' basic information, user groups, and logs. If individual user responsibilities change, security administrators can change user permissions by changing their user groups. If a user forgets or loses a password or access key, security administrators can reset the user s login authentication credentials. Viewing a user s basic information To view a specific user s basic information, click on the V symbol next to user s username in the user list (pictured above). A dropdown menu will appear directly under that user in the list displaying a detailed overview of the user s information, including basic information, user groups, and user logs. Modifying a user s basic information 23

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback