Changing KeyControl Account Details as a Security Administrator

This procedure is for KeyControl-managed user accounts only. You cannot change the account details for any AD-managed user accounts. For details, see KeyControl User Accounts.

1. Log into the KeyControl Vault Management webGUI using an account with Security Admin privileges.
2. In the top right, click the Switch to Appliance Management link.
3. In the top menu bar, click Security.
4. Click the KeyControl Managed Users tab.
5. Select the account you want to modify in the list. The KeyControl webGUI displays the details for the selected account below the table.

6. Click the tab containing the information you want to change.

   Note: For a full description of all information in the tabs, see Creating a New KeyControl-Managed User Account.

   • The full name, account status, account expiration, and email information is on the User tab.

     The User tab also lets you disable two-factor authentication for another user's account. If you do so, however, the user will need to re-enable it themselves. You cannot enable two-factor authentication for any other user's account. For more information, see About Two-Factor Authentication.

     Note: Beginning with 5.2, the security administrator can globally enforce two-factor authentication for all users. For more information, see Managing Two-Factor Authentication.

   • The authentication method and password, including the password expiration, for locally-authenticated accounts is on the Authentication tab.
   • The user role and group membership information is on the Privileges and Groups tab.
7. Click the field that you want to change and enter the new value in that field. When you are done, click Save. Your changes are immediately applied to the account.