Nexus Documentation

Space shortcuts

Page tree

Nexus information on: Azure Key Leakage - Storm-0558
Nexus awareness advisory on Microsoft’s update KB5014754

Visit Nexus to get an overview of Nexus' solutions, read customer cases, access the latest news, and more.

This article describes how an operator temporarily deactivates a user in Smart ID Identity Manager. Read more here: Smart ID Workforce use cases

The user's relations to credentials are kept but the user's roles are withdrawn.

Expand/Collapse All

Prerequisites

  • The user must be in state "active"
  • All roles will be withdrawn. If the user is reactivated later, the user will only get the default role. See Reactivate user.
  • Add reasons for deactivation in Identity Manager Admin. The reasons will be shown in a drop-down list in Identity Manager Operator, see Create reason.

Step-by-step instruction for the operator

  1. Log in to Identity Manager Operator with your user account. 
  1. In the Quick search drop-down list, select User. (Or go to the Search page to find the user)

  2. . Search for the user that shall be deactivated. User data is shown in read-only mode.

    To cancel the process, see "Cancel the process" below.

  3. Click Deactivate user.

  4. In the Reason drop -down list, select the reason for deactivation. The user's active related credentials gets inactive or locked. See "Use case details" below.

  5. Click Next to deactivate the user. The user will not be notified by email after the deactivation.

    Depending on the configuration, there can be options added to the use case, see "Options" below.

To cancel the process:

  • Click Cancel to close the process.
  • Click Next to proceed with the process.

Use case details

Use case description

As an operator I want to deactivate a user in Identity Manager

Outcome
  • End state for user = "inactive"
  • End state for related credentials = "inactive"/"locked", see details below
  • End state for related certificates = "on hold"/"revoked", see details below
  • The relation from user to credentials still exists 
  • All roles for the user are withdrawn
Related credentialsCredentials - end stateCertificates - end state
Card and related certificatesinactiveon hold
Temporary card and related certificateslockedrevoked
Virtual smart card and related certificatesinactiveon hold
Mobile ID and related certificatesinactiveon hold
Soft token and related certificatesinactiveon hold
Symbolic name

UsersProcDeactivate

Process name

Deactivate user

Component

Identity Manager Operator

Required user state

Active

Process start

On the user profile>Deactivate user

Options

The options are configured by the administrator via a script in Identity Manager Admin and can be used by the operator and self-service user.

The script already exists with default values, so you only need to change the values as needed, not create the script.

Option: Add an approval step

Use case scenarios

  • Parental leave

  • Leave of absence
  • Need to temporarily deactivate the user

Related information

© 2023 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions