Show TOC

User Administration ToolsLocate this document in the navigation structure

The user administration tools for the AS Java allow both offline and runtime user administration.

User Administration Tools

Tool

Detailed Description

Further Information

Identity Management

Web-based tool integrated into SAP NetWeaver Administrator that provides functions for configuration of the user management engine (UME) and user administration.

You can use the functions supplied with this tool from a Web browser.

Administration Manual:

User Management of the Application Server Java

Shell Console Administrator

A command line tool that enables remote administration from Telnet clients.

The default AS Java configuration enables only administrator users to use telnet.

Administration Manual:

Remote Administration Using Telnet

Config Tool

An XML-based tool that enables offline configuration of AS Java cluster elements. Changes made using this tool must be exported to the engine database and may require you to restart the AS Java. This tool does not support remote administration of AS Java.

Administration Manual:

Config Tool

Remote User Administration During Runtime

User management during server runtime enables efficient and scalable user management for your productive systems. Furthermore, remote user administration facilitates security management of individual AS Java systems, for example, when running in a cluster. Therefore, the AS Java provides the following administration tools that allow remote user management during server runtime:

  • Identity Management
  • Shell Console Administrator

For an overview and comparison of these tools, see the table below:

Function

Shell Console Administrator

Identity Management

Create, view, or delete users

Yes

Yes

Search for users

No

Yes

Import users from external systems

No

Yes

Lock or unlock users

No

Yes

List locked users

No

Yes

Change user passwords

Yes

Yes

Define password rules

No

Yes

Require password change

No

Yes

Create, delete and manage groups and group members

Yes

Yes

Assign a public-key certificate to a user

Yes

Yes

Assign roles to users

No

Yes

Assign UME actions to roles

No

Yes

Configure user stores

Yes

Yes