Configuring a Restricted Agent to Control User Access

A restricted agent allows only members of one or more specified groups to access protected resources. For example, if you create a restricted agent to provide access to personnel data and allow only members of the human resources group to authenticate on this agent, only members of the human resources group can access personnel data. You can further restrict access by limiting authentication to a specified a time span.

This procedure lists the high-level tasks required to configure a restricted agent.

Procedure

  1. Add an authentication agent, and configure the agent to be a restricted agent.

    For instructions, see Add an Authentication Agent.

  2. Generate the Authentication Manager configuration file.

    For instructions, see Generate the Authentication Manager Configuration File.

  3. Set up user groups.

    For instructions, see Add a User Group and Add a User to a User Group.

  4. Allow a user group access to the restricted agent.

    For instructions, see Allow a User Group to Authenticate on an Agent.

  5. (Optional) Set restricted access times for user groups.

    For instructions, see Set Restricted Access Times for User Groups.