Table of Contents

User management

User directories

DataMiner supports the following types of directories for user management:

By default, DataMiner will import users from its local Active Directory.

Note

Importing users via these methods does not necessarily allow these users to sign in. See User authentication.

Local users

Apart from directory users, DataMiner also has a notion of local users, i.e. users created within the DataMiner System. Behind the scenes, when a new local user is created, DataMiner will create a new Windows user. Local users are completely managed by the Windows Server hosting your DataMiner System. This means Windows is responsible for password storage, complexity, and audit trail requirements.

For more information see Types of users.

Default Users

DataMiner has one built-in user, named "Administrator". This user is also the local administrator on the Windows server hosting DataMiner. This user is intended for recovery and initial configuration purposes. Once the system is configured and Operator users have been created, we recommend disabling the local Administrator user on the DataMiner server.

To disable the local Administrator user:

  1. Open a PowerShell console as administrator.

  2. Execute the following command:

    Get-LocalUser Administrator | Disable-LocalUser

To enable the local Administrator user:

  1. Open a PowerShell console as administrator.

  2. Execute the following command:

    Get-LocalUser Administrator | Enable-LocalUser

Note

If you use self-hosted storage nodes instead of the recommended Storage as a Service, you will need to make sure that the default users of the DataMiner databases are also secured. For more information, see Securing self-hosted DataMiner storage.

User authentication

To actually sign in users in DataMiner, several authentication methods are supported:

Multi-Factor Authentication (MFA)

Both RADIUS and SAML authentication have support for enabling Multi-Factor Authentication on your DataMiner System.

Groups and permissions

Once your users are imported into the DataMiner System, it is possible to assign them to a group. All permissions are configured on group level. See DataMiner user permissions for more information about the different permissions.

Tip

See also: