FlexNet Manager Suite
2023 R1
(On-Premises)
When Google OAuth 2.0 has been configured, the account you identified in the
configuration dialog displayed by PowerShell is automatically created as an operator
in
FlexNet Manager Suite. This account is automatically assigned to the
Administrator role. This administrator can log in
to
FlexNet Manager Suite to create additional operators and manage operator
roles.
Note: When you are migrating from Windows Integrated Authentication, any
other existing operator roles are now invalid. You need to create new operators,
each based on the Google login name.
To add operators using Google OAuth 2.0:
-
Have each potential operator attempt a login to FlexNet Manager Suite using
their Google identity.
By default, the operator account is automatically created in FlexNet Manager Suite; but because the new operator account is not assigned to any
roles, the person logging in sees a screen stating that there has been a
Sign In Failure. To authorize access for this
operator:
-
Logged in as the administrator account, navigate to the system menu ( in the top right corner) > Accounts.
-
Locate the new operator account, and ensure that
Enabled is selected in the
Status drop-down list.
-
Select a role for this account from the Role
drop-down list.
-
Click Save.
When the operator is assigned to one or more roles as appropriate, that
person can log in for a second time, and access is granted.
Tip: You
can turn off the automatic creation of operator accounts when unauthorized
people log in using Google OAuth 2.0. To do so, on the web application server, use a flat text editor to edit the
web.config
file, by default located in n
<drive>:\\Program Files
(x86)\Flexera Software\FlexNet Manager Platform\WebUI. Update
the createUnknownOperator
Boolean attribute of the
signOn
element to false
, and save the
file. (The change takes effect immediately, with no need to restart FlexNet Manager Suite.) Operators now see the same Sign In
Failure message, but no corresponding operator account is
created (so see the next step instead).
-
Alternatively, gather the Google account names of all required operators, and
manually create the operator accounts, assigning each to the appropriate role(s)
as you go.
One difference when using Google OAuth 2.0 is that you cannot select operator
names from a drop-down list (as you can when using Windows Integrated
Authentication, when the potential operators have accounts in Active Directory).
Instead, carefully enter the email address that functions as the Google account
name directly in the
Account field.
Important: Once created, operator accounts cannot be deleted. Furthermore, the account
name (in this case, an email address) cannot be edited. Be sure to enter the
email address correctly, and double-check it, before clicking
Create.
FlexNet Manager Suite (On-Premises)
2023 R1