User Settings

Navigate to Admin > Users, and select the related user from the list to view its settings under the General tab. Below is a brief explanation of each text-entry field or control:

  • Display Name: Text that is used throughout the user interface, such as in audits.
  • Domain: If a drop-down list is visible, selecting a domain from the list is one way to set the expected domain of the user. However, a more dynamic way to have this text-entry field (and all the other text-entry fields) set is through Active Directory synchronization.
  • Email Address: Email address used for Request Access, email two-factor authentication, and the like.
  • Email Two-Factor Authentication: On a login attempt, the user has an email sent to the email address entered above. This email contains a pin code that the user needs to log into the account. See Email Two-Factor Authentication for details.
  • Enabled: Disabling this control removes the user from the system. Effectively, this is the way to delete a user. Secret Server does not allow complete deletion of users due to auditing requirements. To re-enable a user, navigate to the Administration > Users page, check the Show Inactive Users checkbox just under the Users grid, and edit the user to mark them enabled (see Configuring Users).
  • Locked Out: If checked, then this user has been locked out of the system due to too many login failures. To remove the lock, uncheck the check box. For more details on locking out users, see Maximum Login Failures setting described in the Login Settings section.
  • Password: Login password for the user. For the various login settings, see Login Settings section.
  • Multifactor Authentication: Auto-Enable two factor for new Users. Can be set to FIDO2, TOTP Authentication, Duo, Radius, or Email.

  • Slack ID: The Slack ID for this user.

  • Status: A locked out account is unable to log in until the account is unlocked by an administrator.

  • User Name: Login name for the user.
A new user is assigned the User role by default. For more information on roles, see "Roles."

  • User managed by: Allows specific users to manage this user that are not neccessarily user admins. Can be set to a specific user or All Users with Administer Users Role Permission.

  • IP address restrictions: IP Address restrictions allow you to choose what IP Address range this user can use to access the application. When one or more IP Address ranges are enabled, this user will only be able to access the application from the enabled IP Address Range(s).