User Accounts Overview

Configure user accounts to authenticate users and, if necessary, allow other users in your organization to access the management console.

User Account Purpose	Details
User authentication	Authenticate users before they can forward traffic to TMWS. TMWS recognizes the following accounts: Hosted user accounts: Accounts that belong to your organization's domain(s) and have been assigned the User or Administrator role from the TMWS management console Active Directory user accounts: Accounts from your organization's Microsoft™ Azure Active Directory infrastructure, which has been properly integrated with TMWS TMWS supports several authentication mechanisms. It can authenticate users transparently (without user intervention) or by redirecting them to a captive portal page where they provide their user account credentials. Note: A captive portal page is a web page shown to users before they gain access to URL, HTTP, or HTTPS-based Internet services. It gives administrators the option of requiring users to enter a user name and password before accessing the Internet. Guest user account: A predefined account for users without hosted or Active Directory user accounts
Management console access	Allow other users in your organization to access the management console without using your administrator account. TMWS recognizes hosted user accounts with the Administrator role.

User Account Purpose

Details

User authentication

Authenticate users before they can forward traffic to TMWS.

TMWS recognizes the following accounts:

Hosted user accounts: Accounts that belong to your organization's domain(s) and have been assigned the User or Administrator role from the TMWS management console
Active Directory user accounts: Accounts from your organization's Microsoft™ Azure Active Directory infrastructure, which has been properly integrated with TMWS

TMWS supports several authentication mechanisms. It can authenticate users transparently (without user intervention) or by redirecting them to a captive portal page where they provide their user account credentials.

Note:
A captive portal page is a web page shown to users before they gain access to URL, HTTP, or HTTPS-based Internet services. It gives administrators the option of requiring users to enter a user name and password before accessing the Internet.
Guest user account: A predefined account for users without hosted or Active Directory user accounts

Management console access

Allow other users in your organization to access the management console without using your administrator account.

TMWS recognizes hosted user accounts with the Administrator role.

User Account Setup

Perform the following tasks to set up user accounts.

Domains

Add your organization's domains.

TMWS uses the domains you configure to:

Create hosted user accounts
Integrate with your organization's Active Directory infrastructure

Go to Administration > USERS & AUTHENTICATION > Directory Services.

Hosted User Accounts

Add and manage hosted user accounts used for authentications and management console access.

Go to Administration > USERS & AUTHENTICATION > Hosted Users.

Active Directory User Accounts

Integrate TMWS with your organization's Active Directory infrastructure to authenticate Active Directory users who forward web traffic to TMWS.

Go to Administration > USERS & AUTHENTICATION > Directory Services.

Guest User Account

Use the guest user account to authenticate users (such as partners and contractors) who do not have the necessary logon credentials. Guest users can also be subject to TMWS policies.

Go to Administration > USERS & AUTHENTICATION > Hosted Users and click Guest User Account.