Managing User Accounts
After you’ve aggregated users' source accounts from a supported source, you can view and manage these accounts in IdentityNow.
IdentityNow tracks the status of each user's accounts. You can view and edit these statuses by going to Identities > Identity List, selecting the relevant identity, and going to their Accounts tab.
An account can have one of the following statuses:
Status | Definition |
---|---|
Enabled | The account is enabled and can be accessed by the user. |
Pending | The account is being updated. This status typically lasts only a few seconds |
Disabled | The account has been disabled, and the user can't access it. This may occur when an admin disables the user’s account or when the user's lifecycle state changes. |
Locked | The user's account has been locked. For example, someone may have entered an incorrect password for the account too many times. |
Disabling a User Account
If you are a Helpdesk admin or an administrator, you might need to disable a user's account on a source. For example, if a user reports suspicious activity on that account, you can disable it temporarily while investigating the problem.
Note
This disables the user's account on the source and is different from disabling the user's access to IdentityNow.
-
Go to Admin > Identities > Identity List.
-
Select the name of the user you want to disable.
-
Select Accounts.
-
Select the Actions menu (
) on the account you want to disable and choose Disable Account.
Unlocking User Accounts
If you are a Helpdesk admin or an administrator and a user has been locked out of a source account, you can unlock them from IdentityNow. This option is available for accounts that have been loaded into IdentityNow from a supported source that allows unlocking accounts.
Note
You may need to aggregate the account first to ensure that the account status in IdentityNow is accurate.
- Go to Admin > Identities > Identity List.
- Select the name of the user whose account you want to unlock.
- Select Accounts.
- Select the Actions menu (
) on the account you want to unlock and choose Unlock Account.
Removing User Accounts
You may need to remove an account from IdentityNow to fix data on the source. For example, if a user's email address was misspelled on the source, their account may correlate to another user's IdentityNow account. You can remove the account from that user to fix the misspelled email address and aggregate the account correctly. This removes the account from IdentityNow, not from the source system itself.
Note
If you remove an account from a user and that account is on an authoritative source, the user may move to a different identity profile or disappear from the identity list.
To remove a source account:
- Go to Admin > Identities > Identity List.
- Select the identity you want to edit.
-
In the Accounts tab, select the Actions menu (
) beside the account you want to remove.
-
Select Remove Account.
-
In the confirmation window, select Yes to remove the account.
You can also remove the account from the Account Details page by selecting the account name and the Actions menu (
).
The account is removed from IdentityNow and will be added again during your next full aggregation.
Note
If your source is configured for delta aggregation, you should disable it if you want to reaggregate the account.