Managing AD Accounts and Groups for Managed Host Authentication and Authorization
Service owners should identify individuals within their CSU with permissions to manage AD user accounts and service groups via the Active Directory Departmental Administration Tools web console (https://www.austin.utexas.edu) This is typically the CSU head or any manager to whom permission has been delegated. You may contact the Active Directory team (firstname.lastname@example.org) for a list of persons with this privilege. All staff that need to login to service hosts should be assigned an account. In addition, each service that will use AD for access and authorization should have a service group assigned.
- To create AD user accounts.
- Login to the web console, (https://www.austin.utexas.edu). NOTES: Use your regular EID to log in. Access requires DUO. If you are connecting from off campus, you must be connected through VPN.
- Click on the "Department Admin Tools" button and then navigate to the "Create a User" window.
- Users are created with the name "<dept-code>-<eid>". Be sure to select "No" for self-claim this account and assign the EID of the user you are creating the account for in the Assignee EID box.
- Once setup, the user to whom the account is assigned should receive email requesting he or she login to the web console and claim the AD user account and set a password.
- To manage service group membership
- To create AD service groups
*Only add "<dept-code>-<eid>" based accounts