1

IAM – End User Training Guide

2

Identity Access Management (IAM) encapsulates people, processes and products to identify and manage the data used in an information system to authenticate users and grant or deny access rights to data and system resources.

The goal of IAM is to provide appropriate access to enterprise resources.

Identity Management System in BSNL is used for centralized user management (creation, modification and disablement) for PMS and CRM applications.

Users can manage personnel profile including password using self-service feature of IAM Solution.

Access Management system is used for providing authentication, authorization

and Single Sign On (SSO) for IM, PMS and CRM applications.

IAM Overview

3

IT Manager Circle

End User (CRM)

IT Manager SSA1 IT Manager SSA2

End User (Self-Service)End User (PMS)

IM Administrator

Application Owner

Application OwnerApplication

Application

IM Roles

4 4

Role Name Description

End User Responsible for managing self user profile and self service tasks such password reset. End user may access more than one protected enterprise application (PMS, Clarity, CRM etc.)

IT Managers (Circle) Location/ Department heads responsible for user management (create, modify, enable/disable, application access/revoke etc) at his/ her location. Also responsible for assigning IT Manager SSA role to SSA users.

IT Managers (SSA) Location/ Department heads responsible for user management (create, modify, enable/disable, application access/revoke etc) at his/ her location.

IM Administrators Responsible for Administration of IAM policies. (Addition of new application, roles, access policies, etc.)

Application Owner Responsible for Managing orphan accounts of the application. (Assign/delete/resume/ suspend orphan accounts.)

IM Roles cont…

5

Enterprise Portal (EP) is used as a single point of entry to various other applications on which the user has access. User logged in to EP can perform Single Sign On (SSO) to all the other applications that user has access to.

By default every user can access “Self-Service” application from EP.

Enterprise Portal

6

URL for EP

Following URL can be used to launch EP

http://sso.sdc.bsnl.co.in/

Login Credentials

User has to enter user name (B + 9 digit HRMS No) and default password as bsnl123. User will be forced to change password and set security question and answer at first logon.

On Successful login, user will see the list of applications which he/she is authorized to access including default link to Self-Service.

Click on application link to open.

Enterprise Portal Details

7

Enterprise Portal Login Page

8

Enterprise Portal Home Page

9

Self-Service (Identity Management Application)

End User is presented with two categories of tasks (as shown in next slide).

Self Administration category.

Application Access Request category.

Self-Service

10

Self Administration

11

Self Administration

12

Self Administration

13

Tasks that can be performed under Self Administration include

Change My Password

Change Security Q&A

Modify My BSNL Profile

View My Submitted Tasks

View My Work List

Self Administration

14

Users can change password using “Change My Password”. New password should be used for the next login.

Change Password

15

Users can change Security question and answer using “Change My Security Q&A”. Security question-answer will be used in retrieving forgotten password.

Change My Security Q&A

16

Users can modify personal details using this task

Modify My BSNL Profile

17

Users can view the status (pending, rejected, approved, failed, completed etc.) of the submitted task.

View My Submitted Tasks

18

Users can modify their profile information such as Address,Email,Telephone etc..,

Following slide shows the Modify My BSNL Profile Screen.

Modify My BSNL Profile

19

Users can view and act upon work items that appear in their work list by using View My Work List

View My Work List

20

Application Access Request

21

Users can request for access to CRM,PMS and Clarity using the respective request tasks.

After requesting for access, the workflow gets initiated to IT Manager SSA/Circle.

Following slide shows the Application Access Request Screen.

Application Access Request

22

Application Access Request

23

Users can request for access to CRM application using this task.

List of available CRM Roles will be displayed. User can select one particular role for application authorization.

After submitting the CRM request, workflow gets initiated and goes to IT Manager SSA/Circle.

User can track the status of workflow using View My Submitted tasks under Self Administration.

CRM Request

24

CRM Request Screen

25

Users can request for access to PMS application using this task.

List of available PMS Roles will be displayed. User can select one particular role for application authorization.

After submitting the PMS request, workflow gets initiated and goes to IT Manager SSA.

User can track the status of workflow using View My Submitted tasks under Self Administration.

PMS Request

26

PMS Request Screen

27

User who cannot access Enterprise Portal due to a forgotten password shall have to click on the link for forgot password on Enterprise Portal. User will be challenged to answer the security question. If the answer to security question is correct then user will be prompted to reset the password. User can access the system with new password

Forgotten Password Retrieval

28

Logging out from individual application keeps the session active and closes the application only.

User can re-open the application by clicking the link provided on the

Enterprise Portal.

Cick on on Enterprise Portal Home Page or close the window at the top right corner to logout from EP.

Logout

29

Thank You.....