Select Identity settings > Directory.
Viimati uuendatud
7. apr 2025
- Adobe ettevõtetele ja meeskondadele: administreerimisjuhend
- Juurutamise planeerimine
- Põhimõisted
- Juurutamisjuhised
- Creative Cloud haridusasutustele – juurutamine
- Kasutuselevõtt kodus
- K-12 sisseelamisviisard
- Lihtne seadistus
- Kasutajate sünkroniseerimine
- Roster Sync K-12 (USA)
- Peamised litsentsimispõhimõtted
- Kasutuselevõtmise valikud
- Kiireid näpunäiteid
- Adobe rakenduste kinnitamine Google Admin Console'is
- Adobe Expressi lubamine Google Classroomis
- Integratsioon Canvas LMS-iga
- Integratsioon Blackboard Learniga
- SSO konfigureerimine piirkonna portaalide ja LMS-ide jaoks
- Kasutajate lisamine nimekirja sünkroonimise kaudu
- Kivuto KKK
- Esmaste ja teiseste asutuste õiguste suunised
- Oma organisatsiooni seadistamine
- Identiteeditüübid | Ülevaade
- Identiteedi seadistamine | Ülevaade
- Organisatsiooni seadistamine Enterprise ID-ga
- Azure AD föderatsiooni ja sünkroonimise seadistamine
- Google'i föderatsiooni ja sünkroonimise seadistamine
- Organisatsiooni seadistamine Microsoft ADFS-iga
- Organisatsiooni seadistamine piirkonna portaalide ja LMS-i jaoks
- Organisatsiooni seadistamine koos teiste identiteedi pakkujatega
- SSO levinud küsimused ja tõrkeotsing
- Frame.io seadistamine ettevõtetele
- Teie organisatsiooni seadistamise haldamine
- Olemasolevate domeenide ja kataloogide haldamine
- Automaatse konto loomise lubamine
- Domeenipõhine piiratud autentimine
- Organisatsiooni seadistamine kataloogi usalduse kaudu
- Üleminek uuele autentimise pakkujale
- Varade sätted
- Autentimise sätted
- Privaatsuse ja turvalisuse kontaktid
- Konsooli sätted
- Krüpteerimise haldamine
- Olemasolevate domeenide ja kataloogide haldamine
- Kasutajate haldamine
- Ülevaade
- Administratiivsete rollide haldamine
- Kasutajarollide haldamine
- Kasutajate haldamise strateegiad
- Litsentside määramine Teamsi kasutajale
- Rakendusesisene kasutajate haldamine meeskondade jaoks
- Ühtivate e-posti domeenidega kasutajate lisamine
- Kasutaja identiteedi tüübi muutmine
- Kasutajarühmade haldamine
- Kataloogi kasutajate haldamine
- Domeenipõhiste erandite loendi haldamine
- Arendajate haldamine
- Olemasolevate kasutajate migreerimine Adobe Admin Console'i
- Kasutajate haldamise migreerimine Adobe Admin Console'i
- Ülevaade
- Toodete ja õiguste haldamine
- Toodete ja tooteprofiilide haldamine
- Toodete haldamine
- Toodete ja litsentside ostmine
- Ettevõtte kasutajate tooteprofiilide haldamine
- Automaatse määramise reeglite haldamine
- Kasutajatele Firefly kohandatud mudelite treenimise õiguse andmine
- Tootetaotluste läbivaatamine
- Iseteeninduse poliitikate haldamine
- Rakenduste integratsioonide haldamine
- Toodete õiguste haldamine Admin Console'is
- Teenuste lubamine/keelamine tooteprofiili jaoks
- Üks rakendus | Creative Cloud ettevõtetele
- Valikulised teenused
- Jagatud seadmete litsentside haldamine
- Toodete ja tooteprofiilide haldamine
- Global Admin Console'iga alustamine
- Globaalse administreerimise kohandamine
- Organisatsiooni valimine
- Organisatsiooni hierarhia haldamine
- Tooteprofiilide haldamine
- Administraatorite haldamine
- Kasutajarühmade haldamine
- Litsentside määramise aruannete loomine
- Organisatsiooni poliitikate uuendamine
- Poliitikamallide haldamine
- Lasteorganisatsioonidele toodete eraldamine
- Ootel tööde käivitamine
- Auditilogi allalaadimine ja aruannete eksportimine
- Organisatsiooni struktuuri eksportimine või importimine
- Salvestusruumi ja varade haldamine
- Salvestusruum
- Projektide haldamine
- Varade migratsioon
- Varade tagasinõudmine kasutajalt
- Üliõpilaste varade migratsioon | ainult EDU
- Teenuste haldamine
- Adobe Stock
- Kohandatud fondid
- Adobe Asset Link
- Adobe Acrobat Sign
- Creative Cloud ettevõtetele – tasuta liikmesus
- Rakenduste ja uuenduste juurutamine
- Ülevaade
- Pakettide loomine
- Pakettide kohandamine
- Pakettide juurutamine
- Uuenduste haldamine
- Adobe Update Server Setup Tool (AUSST)
- Adobe Remote Update Manager (RUM)
- Tõrkeotsing
- Meeskonnakonto haldamine
- Uuendamised
- Lepingute haldamine
- Aruanded ja logid
- Abi saamine
Kehtib ettevõtteplaanile.
System administrators can restrict organization-owned domains to prevent users from creating and using personal Adobe ID accounts. This limits personal data usage, enhances security, and allows asset-sharing only between organization users.
You should ensure your organization meets the following prerequisites to use domain enforcement:
- Your organization must have one or more Enterprise or Federated directories with claimed domains established in the Adobe Admin Console.
- You must have system administrator permissions to view and manage domain enforcement in your Admin Console.
Block creation of new Adobe ID accounts with an organization-owned domain
Facilitate uniform federated sign-in workflow for all users on an organization-owned domain
Control the number of user accounts and profiles on an organization-owned domain
Promote better collaboration between end users on Enterprise Storage
Block purchase of software for personal use under an organization-owned domain
Domain enforcement is enabled by default on all newly created Enterprise and Federated directories. All domains within the domain enforcement policy-enabled directories will have restricted authentication. Users can't create new accounts using restricted domains linked to policy-enabled directories.
You can manage your users and directories in the following ways with domain enforcement:
- Restrict the creation of Adobe ID accounts with organization-owned domains
- Transition existing users with Adobe ID accounts in your organization to Enterprise ID or Federated ID accounts, requiring secure login for license and storage access
- Generate a report indicating which users have Adobe ID accounts with enforced domains
- Require existing Adobe ID accounts using organization-owned domains to change the email associated with the account to a personal address
Go to the Adobe Admin Console Settings to view your directories and their Domain enforcement statuses in the Adobe Admin Console. Then, select a directory with Domain enforcement status set to On to view the Domain enforcement settings section.
Turn off Domain enforcement
Hoiatus.
Adobe strongly recommends that you keep domain enforcement ON for your directories. Turning domain enforcement on or off frequently may result in users facing disruptions while signing in.
You can turn off domain enforcement for any directory by following the steps:
-
-
Deselect Domain enforcement toggle.
Visit the Admin Console Insights section and select Logs to view the changes related to domain enforcement policy at any time.
Domain enforcement best practices
You can best use the domain enforcement feature by setting up your domains and directories to align with your organization's needs:
- Link domains to directories: To stop users associated with a particular domain from creating new accounts or using organization email for personal use, you must link the domains with domain enforcement-enabled directories.
- Transfer domains to a different directory: If you want to allow personal use of their organization email for users associated with one or more domains, you must transfer these domains to one target directory. Then, turn off domain enforcement for this target directory.
- Allow automatic account creation: If you want users to create a Federated ID only with their organization-owned email address, you must enable both domain enforcement and automatic account creation.
Adobe recommends that you Edit users' identity type to transfer existing Adobe ID users to Enterprise ID or Federated ID before you enable the Require email change policy. This ensures all users in a directory have a consistent sign-in experience and prevents unintended change requests from organization users.
Select Admin Console Users, and then navigate to Edit identity type by CSV from the three-dot menu.
This feature allows you to force existing Adobe ID accounts in an enforced directory to change their associated email addresses. When the email change feature is enabled, an Adobe ID user has 30 days from the first sign-in attempt to change their email address. After 30 days, they must change their email address to access their account and data.
When enabled, a user affected by the policy views a message on their next sign-in: Update Your Email. To avoid confusion, inform your users about this change before enabling the Require email change setting.
Märkus.
- If the required email change policy is enabled, any email address on the exception list is exempt and can remain as an Adobe ID using an enforced domain. If the email address is removed from the exception list at any time and require email change is enabled, the user will be subject to the policy.
- Any data associated with the users remains unaffected, and they can still change their email to start using their apps and data at any time.
- If you turned off the feature after using it initially, users who have not yet changed their email address will stop seeing Update Your Email message. However, a user who completed the email change can neither revert the change nor make a new Adobe ID with the old email address unless domain enforcement is removed from the affected directory.
This user report allows you to view a list of Adobe IDs using a claimed domain for the email address associated with their account. You can download the report for any directory every hour in each organization.
The report provides a list of email addresses for users who have accepted the latest Adobe Terms of Use with their personal accounts. To download the list of Adobe ID users, go to Adobe Admin Console, and then select Insights > Reports.
The exception list allows defined users to bypass domain enforcement policy and use a personal Adobe ID account with their managed email.
System admins can use the exception list to add service accounts, troubleshoot SSO issues, and strategically exclude users from the require email change setting.
