Troubleshooting
Problem
Customer has a Controller-on-Cloud system. Customer would like to perform one of the following actions:
- Create a new Citrix user
- Delete an existing Citrix user
- Disable (temporarily) an existing user
- Enable an existing user
- Change the password of an existing Citrix user
- List all the users that they have.
How can they do this?
Cause
Customer would like to administer their own Citrix (Windows) user accounts, without raising a support case with IBM Support.
-----------------------------------------------------------------------------------------------
IMPORTANT:
- IBM recommends that customers change their admin user's password (immediately after logging onto the system the first time)
- Please ensure that the username/password is kept safe and secure.
- However, that password will automatically expire every 90 days
- Therefore, you will need to change it (inside the Citrix portal) if you get a message "Invalid login name/password". See separate IBM Technote #2004109 for more details.
- However, we recommend that more than one person (at your company) has access to this admin user account
- This is so that administrative duties can be delegated, and also so that it prevents problems caused by illnesses/absence/holiday
-
Please note IBM's policy that customers should create/use named users.
- We do not support the use/creation of 'generic' users (users not specific to a certain person).
-----------------------------------------------------------------------------------------------
Environment
Controller hosted on IBM Cloud.
Resolving The Problem
Use the IBMCloud management portal tool (also known as 'AD Manager Plus').
Steps:
The following screens are based on Controller 10.3.1. The instructions may vary slightly for other versions.
1. Launch the AD Manager website: https://manager.controller.ibmcloud.com/
2. Choose the correct domain (BA) for 'Log on to', then logon using your company's administrative credentials:
- This username/password will have been previously provided to you by IBM
- If you are unsure of these credentials, please contact IBM Support.
- If you get a message "Invalid login name/password" then you may need to reset an expired password, using a different website. See separate IBM Technote #2004109 for more details.
3. Perform the required task (examples shown below).
==============================================================
Example #1 - Create a new user
- Click "Create Single User":
- Fill in the relevant details (name and so on)
- NOTE: So that future Controller-on-Cloud functionality works as intended, please make sure that the 'Corporate E-Mail' section is filled in with the user's correct email address.
- Click 'Create':
IMPORTANT:
- You must ensure that the total number of Citrix users does not exceed the number of users that you have purchased from IBM (do not exceed the number of licensed users)
- All users must be named (not 'generic') users.
- For example, new users must be called real names such as 'JSMITH2' and not generic such as 'USER1' or 'COMPANY2'
IBM will periodically audit customers, to ensure that the above rules have been complied with.
==============================================================
Example #2 - Delete an existing user
- In the 'AD Mgmt' home screen, choose 'Modify Single User':
- Locate the user that you want to delete
- To the right of their name, use the drop-down selection arrow to choose 'Delete User':
- When asked 'Do you want to delete the selected users and their folder properties as defined in 'delete policy' click: OK:
- Wait a few seconds for the 'Loading, please wait...' message to disappear
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
IMPORTANT: After that message has disappeared, you will still see your old user in the list!
This is expected (by design). By clicking 'Delete User' you have merely sent a request to delete that user (to the Active Directory). Although the user will be deleted fairly quickly, the AD Manage website will not update itself for some time.
- If you try to delete the same user a second time, then you will get an error, for example "Unable to delete the User...":
- If you open the AD Manage website later (perhaps a few days later) you will notice that the user is no longer listed (see separate IBM Technote #1106895 for details why).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Example #3 - Disable (temporarily lock / restrict the login) of an existing user
- In the 'AD Mgmt' home screen, choose 'Modify Single User'
- Locate the user that you want to disable
- To the right of their name, use the drop-down selection arrow to choose 'Modify User'
- Tick the box 'Account is disabled'
- Click 'Update User':
==============================================================
Example #4 - Unlock/enable (allow login) an existing user
- In the 'AD Mgmt' home screen, choose 'Modify Single User'
- Locate the user that you want to unlock
- To the right of their name, use the drop-down selection arrow to choose 'Modify User'
- UNtick the box 'Account is disabled'
- Click 'Update User'
==============================================================
Example #5 - Change (reset) an existing user's password
- In the 'AD Mgmt' home screen, choose 'Modify Single User'
- Locate the user that you want to change the password for
- To the right of their name, use the drop-down selection arrow to choose 'Modify User'
- Type their new password in the 'Password' box.
-------------------------------------------------------
TIP: For full details of the password complexity policy, see separate IBM Technote #2002688.
-------------------------------------------------------
- Click 'Update User'
NOTE: It is not possible to force the user (whose password you have just reset) to change their password at next login.
- The reason is that it conflicts with other IBM Cloud security settings.
==============================================================
Example #6 - List all the existing users
- In the 'AD Mgmt' home screen, choose 'Modify Single User'
- The list of Citrix/Windows users will appear below.
Related Information
Was this topic helpful?
Document Information
Modified date:
12 October 2021
UID
swg21990603