Domains
Domains control the user login, authentication method, and access privileges to AAI's functions. Depending on the domain, the user definition (role and access privileges) is handed over to AAI by the domain itself or you have to assign the individual users a specific role manually. As an AAI administrator, you manage domains on the Domains tab of the Settings > User Management page. You also determine which domains will be available for the users to log in to AAI.
After installing AAI, you have a built-in security domain called JAWS.
JAWS has a predefined, default administration user that has full access to features, functions and user interface areas. This user is available when you first install AAI, and it is meant to be used only to set up AAI and make it functional, not as a regular AAI user with the admin role and ongoing administration responsibilities. Its credentials are:
- User name: admin
- Password: password
This product documentation presents information about AAI features and tasks as they relate to the roles AAI users play in your organization (AAI administrators, business area coordinators, jobstream administrators and so forth). You should not confuse those user roles with the user roles that are referred to as part of the User Management features and behavior.
Types of Domains
AAI supports the following types of domains:
- JAWS
  This is AAI's native domain and it is available by default after a fresh installation. This domain provides basic user access management. For more information, see Configuring the JAWS Domain.
- LDAP
  If your company uses LDAP for directory services authentication, you can integrate LDAP with AAI. Any user who is defined and has an ID and a password in the LDAP domain can log in to AAI. This domain provides basic user access management. For more information, see Configuring the LDAP Domain.
- eEM
  If you use eEM for access policy management, authentication, and authorization services, you can integrate eEM with AAI. This integration provides a granular role-based authentication and data access control with very specific roles and privileges.
  For more information, see:
- Kerberos
  If your company uses Kerberos to authenticate service requests, you can integrate Kerberos and AAI for single sign-on. For more information, see Configuring the Kerberos Domain.
The domains that you create are displayed and available for selection in the Domains dropdown list on the AAI Login page. The users must select the appropriate domain to log in.
Working with the Domains List
The Domains list shows the domains to which you have at least read-only access. Depending on the domain that you have logged in with, the list can be restricted:
- Users who log in with eEM
  Only the domains to which you have access.
- Other users
  All the domains in AAI. Administrator users can add, edit and delete domains. Application users have read access only.
You add, modify, and delete domains from this list.
Defining Default Domains for Users
If more than one domain is defined and visible, the default domain is the domain that is preselected on the login page when the user opens AAI. If more than one domain is available to a user, the default domain is the first domain in the list.
After installing AAI, when you, as an administrator, log in for the first time, JAWS is the default domain. You can change the default once you have added more domains.
To set a domain as default, do the following:
- Go to the Settings > User Management page.
- Open the Domains tab.
- Click the domain that you want to be the default and drag it to position 1 on the list.
Hiding/Showing Domains
You can make domains visible to or hidden from users. Visible domains are displayed in the Domains dropdown list on AAI's login page and users can select one of them to log in. Hidden domains are not available in this dropdown list and, therefore, users will not be able to select them to log in to AAI. There must always be a domain in the Visible area of the Domains list.
Typically, if you have several domains, you might want to hide the JAWS domain to force users to log in using one of the other domains.
To hide or show a domain, do the following:
- Go to the Settings > User Management page.
- Open the Domains tab.
  Notice that there are two parts to the list. The upper part contains the Visible domains, and the lower part contains the Hidden domains.
- To change a domain from visible to hidden or the other way around, click the domain and drag it to the other part of the list.
  When moving a domain to the Visible part, make sure to place the domain where you want it to appear in the order of listed domains that users will have in the dropdown list on their login page.
Changing the Domains Order
The order of the domains in the list corresponds to the order of the domains in the dropdown list on the login page.
To change the order of the domains in the login dropdown list, do the following:
- Go to the Settings > User Management page.
- Open the Domains tab.
- To change the listed order of the domains on the login page, drag and drop them to the desired position in the list here.
  Remember that only the domains in the Visible part of the list can appear to users at login.
Adding a Domain
- Go to the Settings > User Management page.
- Open the Domains tab.
- Select Add Domain.
- On the Add Domain dialog, enter the following:
  - Name
    This is the name that the users will see on the login page when they log in to AAI. It must be unique. Once created, the name of the domain cannot be edited.
  - Type
    One of the domain types supported by AAI.
    Note: The JAWS domain type is default and pre-defined. It is not listed as a type that you can choose to define.
- The dialog is automatically expanded and shows the configuration options for the domain type. For details about those options, see the corresponding topic:
Editing a Domain
The domain names on the list are links to the respective domain definition.
- Click the name of the domain that you want to edit.
- On the Edit Domain dialog, make your changes.
- Click Save.
- The domain Name and Type are not editable for any domain.
- The JAWS domain is not editable.
Deleting a Domain
- Click on the domain name in the list.
- On the Edit Domain dialog, click Delete Domain.
  If there are users assigned to the domain, AAI shows an error message and you cannot delete it.
  You cannot delete the JAWS domain.