To add users as an admin:

• Select Settings->Users.
• Under the User Management tab, click on the Add User button in the right corner.



• Enter the essential details of the user, including Name, Username, email, and password. You can enable or disable the login for this particular user. Set Yes to enable the login. Enable the TOTP login for the user to add an extra layer of security.
• Finally, Assign the appropriate role for the user.
• DDI provides only two roles: Admin and Operator. The Admin role has unrestricted access, while the Operator role has limited access, which can be extended by granting specific permissions for each cluster or zone as needed.
• Click Save.
• Provide the Username, Password, and URL for the other users you've added. Make sure they login using the URL from their web browser.
• Once they login they'll be prompted to reset their password and login to the DDI system.

Enabling Two-factor authentication for the users

DDI Central enhances user account security by mandating two-factor authentication (2FA) for all users associated with your organization. This additional security layer requires verification through a time-sensitive code generated by a compatible mobile authenticator application. The following steps outline the 2FA process.

1. Users need a mobile device capable of running a TOTP-enabled authenticator mobile app.
2. DDI Central is compatible with various mobile authenticator apps, including Google Authenticator, Zoho's OneAuth, Authy, and others.
3. Install your chosen authenticator app on your smartphone.
4. Link DDI Central to the authenticator app either by scanning the QR secret code displayed on the DDI Central login page or by entering the code manually. This is a one-time process.
5. On subsequent logins, enter the TOTP displayed in your authenticator app. The OTP adds an extra layer of security and can be generated without an internet connection.
6. Upon first accessing DDI Central, all users including the Admin who managed the installation process will need to reset their password.

This two-factor authentication approach ensures that access to your DDI Central account is secure, combining something the user knows (their password) with something they have (a TOTP from the authenticator app).

User permissions

Supplementary User Roles in DDI Central

DDI Central also has supplementary user roles with different visibility and permissions for accessing network resources of your organization's network. This way, the administrators can add these roles to have more visibility on the network activities and also limit their access to a certain boundary.

They are,

1.Guest

2.Auditor

Guest

Guest user type allows the user only to view and monitor network activities in the DNS and DHCP clusters, and they won't have access to configure the settings and policies. This helps the administrators add more individual users to have visibility on the network services and review them.

Auditor

The Auditor role enables the user to view only the audits of the networks services in the DNS and DHCP clusters, and they won't have access to view the network activities, and can't configure the settings. This helps in reviewing the actions executed on each of the clusters added in DDI Central.

Both these user roles help with the auditing and compliance purposes. Higher officials and supervisors can effortlessly review the network activities and audit logs in the respective DDI clusters, by adding them as Guest or Auditor in the DDI Central application.

Enabling other stakeholders to review prevents errors and misinformation in the network data, and administrators can be alerted for troubleshooting the network error. This also helps provide an all around visibility to other teams like the compliance team to have verification over the network data in case anything is misplaced or missed.

User Audits

The User Audit tab can be accessed by selecting the Audit menu from the left menu bar. The User audit tab helps you monitor your users' login activities by capturing the username, date, and timestamp of the latest login activities.