Creating new admins
Overview
To increase the security of our cloud tenancy an admin cannot create or remove other admins. This is the instruction for the admin-administrator to create new admin accounts:
Create a new admin
Admins need to use a “federated account” to login into the cloud instead of “local accounts”.
Go to Federation
in Identity
Click on OracleIdentityCloudService
and then Create User
append _admin
to the Username (firstname_lastname) of the new user and add the user to the Group OCI_Administrators
Warning: DO NOT ADD THE USER TO THE GROUP IDCS_Administrators - otherwise this admin will be able to manage other admin accounts.
You don’t have to assign any Roles to the user, so on the next screen click on Close
.
The new admin will receive an email like this:
and after activating the account everything is ready to go and the new admin needs to sign on via federated accounts Single Sign On: