SOP-5-I-42Q-MES0152 Identity Access Management

From 42Q
Revision as of 01:36, 27 March 2021 by Marisol vargas (talk | contribs)
Jump to navigation Jump to search


 

 

Identity Access Management

Version MES15.67

 

This SOP is 42Q’s corporate standard.

This document is under revision control. The latest revision is located on Intranet.

Once printed it is an uncontrolled copy. All alterations to this work instruction require approval.

Contact the IT Global Education and Training Department to submit suggested alterations and or updates.

 

This edition applies to MES15.67 and all subsequent releases and modifications until otherwise indicated in new revisions.

 

Introduction

42Q IAM (Identity Access Management) is the unified login management to the MES portal; it provides adaptive solutions to support different policies and guarantee the authentication/authorization with a more secure mode.

This document introduces the three forms of authentications that are described below:

  • LDAP Authentication
  • Non-LDAP Authentication
  • SAML Authentication

When the user enters the MES Portal URL the system redirects to the unified login page:

 

Figure 1: IAM unified login page

Figure 1 IAM unified login UI.png

 

LDAP Authentication

42Q IAM supports LDAP authentication; for example, the user name helena_wang is an LDAP user account.

As displayed in the image below:

 

Figure 2: LDAP Account

Figure 2- LDAP Account.png

 

To access the MES Portal, follow the steps below:

  1. Enter the LDAP account (e.g. helena_wang ) in the Username field at the unified login page.
  2. Select the Next button.

 

Figure 3: LDAP Account Login

Figure 3 LDAP Account Login.png

 

  1. The system will ask users to input the password.

 

Figure 4: Input Password Form

Figure 4 Password form.png

  1. Once the username and password are valid, the system redirects to the MES Portal home page with the user signed in.

Figure 5: LDAP Account Login MES Portal

Figure 5 LDAP Account Login MES Portal.png

 

 

Non-LDAP Authentication

42Q IAM supports Non-LDAP authentication; in the example below, the user_name testuser00001 is one Non-LDAP user.

 

Figure 6: Non-LDAP Account

Figure 5- Non-LDAP Account.png

 

To access the MES Portal, follow the steps below:

  1. Enter the Non-LDAP user account (e.g. testuser00001) in the Username field at the unified login page.
  2. Select the Next.

 

Figure 7: Non-LDAP Account Login

Figure 7 Non-LDAP Account Login.png

 

  1. The system will ask users to input the password.

 

Figure 8: Non-LDAP Password

Figure 8 Non-LDAP password.png

  1. Once the username and password are valid, the system redirects to the MES Portal home page with the user signed in.

Forget Password

When users forget their password, they can reset their password by clicking  the Forgot password? link on the landing page, then it will redirect to the Account Service page, the users will be able to reset the password.

Figure 9: Forget Password

Figure Forget password.png

 

SAML Authentication

42Q IAM supports SAML authentication, this allows users to pass authorization credentials to the portal.

To access the MES Portal, follow the steps below:

  1. Enter the email address in the Username field at the unified login page.
  2. Select the button Next.

Note: If the email address is invalid, IAM will show the error message below.

 

Figure 9: Check Email Address

Figure 9 Check Email Address.png

 

Note: The current version (IAM-15.63.1) only supports valid Sanmina (user@Sanmina.com) and 42Q (user@42-q.com) mail accounts.

For external users, the new landing page/IAM login page can be disabled (recommended).

 

Figure 10: Email Address Login

Figure 10 Email Address Login.png

 

  1. The system redirects the users to the SAML authentication.

 

Figure 10: SAML authentication

Figure 10 - SAML authentication.png

 

  1. Enter the Username and Password, then select the Submit button.

Note: If the account has set the 2FA authentication, the 2FA passcode text field will pop-up.

 

Figure 11: 2FA Passcode

Figure 11.png

 

  1. The system redirects the users to the MES Portal/ 42Q platform main page when the account authenticates.

 

Figure 12: 42Q MES Portal main page

Figure 12- 42Q MES Portal main page.png

 

Note: If the message shown below appears on the screen; the users must select the option ssodev-sanm to go to the account authentication page and enter the username and password again to login to MES Portal.

 

Figure 13: Alter page

Figure 13- Alter page.png

 

 

 



Document Revision History

Date Author Title Version Change Reference Approved by
06/9/20 Helena Wang Technical Writer A1 First Release of 42-q IAM at 15.67

Sunny Xiong  

Marisol Vargas

11/24/20 Helena Wang Technical Writer B1 Allows users to input Passwords, and supports multi-language. Sunny Xiong
02/03/21 Helena Wang Technical Writer C1 Add Forgot password link Sunny Xiong

 

 

Retrieved from "https://42qrpt1.42-q.com/mes_wiki/index.php?title=SOP-5-I-42Q-MES0152_Identity_Access_Management&oldid=36809"