User Administration Console 
Use
The identity management user interface of the User Management Engine (UME) provides you with the functions you need to manage users, groups, and roles on the Application Server for Java. This user interface is also known as the user administration console.
Integration
·
Identity management
is integrated in the 
SAP NetWeaver
Administrator of the Application Server for Java.
To access identity management, choose System Administration ® Administration ® Identity Management in the local view of the NetWeaver Administrator.
· Identity management is integrated in the User Administrator role of the portal.
To access
identity management, choose User Administration ® Identity
Management. For more
information on the user administration console in a portal environment, see Managing Users,
Groups, and Roles in SAP NetWeaver Portal.
· Identity management can be started as a stand-alone user administration console.
To start the user administration console, enter the following in your web browser:
http://<J2EE_Engine_hostname>:<J2EE_Engine_HTTP_port>/useradmin
Prerequisites
Identity management, requires the following authorizations:
· For delegated user administrator, you require the following actions:
¡ UME Manage_Roles_Assignments
¡ UME Manage_Users
· For global user administrator, you require the following actions:
¡ UME Manage_All
Or some or all of the following:
¡ UME Manage_Roles
¡ UME Manage_Groups
¡ UME Manage_All_Companies
By default, these actions are only assigned to administrator users.
Features
User Interface
The identity management user interface is split into two main areas, the search view and the details view. When you start the console, only the search view is visible. When you search for a user, group, or role, the search results appear in a list at the bottom of the search view. When you select a user, group, or role in the list, the details view appears below the search view and displays detailed information about the selected object. See the figure below.
Functions
The user administration console enables global user administrators to do the following:
· Search for users, groups or roles
¡ Simple search for string in user ID or name
¡ Advanced search for users using user attributes as search criteria
· View information on users, groups, and roles
· Create new users, groups, and roles
· Copy an existing user
· Change existing users, groups, and roles
· Delete users, groups, and roles
· Reset user passwords
· Lock or unlock users
· Approve and reject users
· Add or remove user certificate (in planning)
· Assign users and groups to roles or remove users and groups from roles
· Assign users, groups or roles to groups or remove users, groups, or roles from groups
· Add actions to roles or remove them
· Search recursively for objects assigned to other objects
For example, if you perform a normal search for users assigned to a role, the search will find only the users directly assigned to the role. If you search recursively, the search will find both the users directly assigned to the role and the users that are assigned to groups that are assigned to the role, that is, users that are indirectly assigned to the role.
· Import or export users, groups, and roles
Delegated user
administrators have access to a restricted set of functions. For more
information, see Delegated User
Administration.
Customizing
The user interface provides a number of display options.
Identity Management User Interface Display Options
Option |
UME Property |
Maximum number of search hits displayed |
ume.admin.search_maxhits |
Threshold for displaying a warning when too many search hits are found |
ume.admin.search_maxhits_warninglevel |
Add customer user attributes |
ume.admin.addattrs ume.admin.self.addattrs |
Table size |
ume.admin.wd.table.size.large ume.admin.wd.table.size.medium ume.admin.wd.table.size.small |
For more
information, see Editing UME
Properties and Administration.
Activities
For information on activities, see:
·
Managing Users,
Groups, and Roles