Auto-provisioning enhancements for portal administrators accounts

Content

From 10.66 release, MaaS360 introduces improved sync between corporate directory and MaaS360 portal for administrator login.

Following enhancements are introduced:

1. Auto-provisioned administrator accounts that are disabled or deleted in the corporate directory cannot log in to the MaaS360 portal.

2. Any user account that is no longer included in the auto-provisioned group cannot access MaaS360 portal.

In both scenarios, immediate sync is achieved between corporate directory and portal administrator login. With this sync, MaaS360 identifies that user account is no more auto-provisioned and is not privileged as portal administrator. Hence, user cannot login to MaaS360 portal.

How to auto-provision an account?

From Setup, under Services & Settings, select Login Settings. Choose Authenticate against Corporate User Directory as the portal authentication for administrators.

Further to choosing authentication method, enable Automatically create new Administrator accounts and update roles based on User Groups and enter distinguished name for the user groups that you want to auto-provision.

For example, consider chiracgrp that is an active directory user group. To auto­-provision chiracgrp, specify chiracgrp under ‘automatically create new administrator accounts and update roles based on User Groups’ as illustrated in the image.

User privilege in an auto-provisioned user groups

All the users under auto-provisioned user groups are privileged as portal administrators.

Using the Custom login URL that is available under from Setup > Login Settings, portal administrators can log in to MaaS360 portal by entering user name, domain, and login password.

Example: If kimsin is a user under chiracgrp that is auto-provisioned, then kimsin user is privileged as portal administrator and can log in to MaaS360 portal by using the custom login URL.

Note: You can view all active user accounts with portal administrator privilege in Search Administrators page as illustrated in the image.

Note: When user account is no more auto-provisioned and is not privileged as portal administrator, user cannot login to MaaS360 portal and the error message as illustrated in the image is displayed. The status for these user accounts is displayed as Inactive in Search Administrators page.