In SDS for C&M, you need to choose between either of the following user registration modes:
- Standard mode, which allows the registration of all users belonging to the domains declared in your corporate account.
- Advanced mode, which allows the registration of only a pre-declared user whitelist. This list is compiled via SDMC's API.
- In the server's administration interface, select the Settings menu on the left, then User registration.
- In the Registration mode area, enable the Allow all users in the domain option so that all users belonging to the declared domains can register on the corporate account.
- or - Disable the option so that only pre-declared users can register on the corporate account.
Regardless of the user registration mode that you have chosen, the various steps in the registration process are the same:
- After a user installs the SDS for C&M client on his workstation, he needs to create his account. For further information on the process of creating an account, refer to the SDS for C&M User guide that you can access on your workstation using the Right click > Help menu on the SDS for C&M icon.
- The user will then receive an e-mail asking him to confirm his electronic address in order to validate his account. Until he confirms his address, he will appear in the Users menu in the web administration interface with the status Validation email sent. This user will therefore not yet be counted among the number of users for the license.
In built-in key management mode, as long as the first user has not validated his account, the creation of any other account will be rejected. As the first user will be the security administrator, it is absolutely necessary that he logs on at least once to SDS for C&M so that other users can use the product. For more information, please refer to the section Declaring the security administrator.
The account validation e-mail will remain valid for 48 hours. If the user does not activate his account within this period, the administrator may click on the Resend validation email link in order to give him 48 more hours.
- As soon has he has activated his account, the user will appear in the Users menu in the web administration interface with his registration date. The number of users allowed for the license will then be deducted and the default policy will be applied to him.
If you want only specific users to be allowed to register on your corporate account, you need to pre-declare a list of users (user whitelist) via the SDMC API. Users who were created before the activation of this feature are not affected. They can continue to use SDS for C&M even though they are not on the list.
- In Settings > User registration, disable the option Allow all users in the domain in order to force the use of the user whitelist. For more information, see the section Configuring the user registration mode.
- In Settings > Advanced capabilities, create an access token to the API in order for your scripts to run. For more information, refer to the section Managing API access tokens.
- Create a script to pre-declare users and run it. To do so, refer to the documentation on the SDMC API and the dedicated examples.
The Python script that Stormshield provides as an example uses arguments such as a file containing your token and a .csv file containing all users' addresses.
Feel free to suggest your own developments or improvements to existing code on this site.
Users can be created and seen in the Users menu by enabling the Pending users > Pre-declared users filter.
- Each user must then create his account to be able to use SDS for C&M. For further information on the process of creating an account, refer to the SDS for C&M User guide that you can access on your workstation using the Right click > Help menu on the SDS for C&M icon.