User Guide Cancel

Migrate user management to the Adobe Admin Console

Search
  1. Adobe Enterprise & Teams: Administration guide
  2. Plan your deployment
    1. Basic concepts
      1. Licensing
      2. Identity
      3. User management
      4. App deployment
      5. Admin Console overview
      6. Admin roles
    2. Deployment Guides
      1. Named User deployment guide
      2. SDL deployment guide
      3. Deploy Adobe Acrobat 
    3. Deploy Creative Cloud for education
      1. Deployment guide
      2. Integration with Canvas LMS
      3. Integration with Blackboard Learn
      4. Configuring SSO for District Portals and LMSs
      5. Kivuto FAQ
      6. Primary and Secondary institution eligibility guidelines
  3. Set up your organization
    1. Set up identity
      1. Identity types | overview
      2. Set up organization with Enterprise ID
      3. Set up organization with Federated ID
        1. SSO overview
        2. Setup Azure Connector and sync
          1. Set up SSO with Microsoft via Azure OIDC
          2. Add Azure Sync to your directory
          3. Azure Connector FAQ
        3. Set up Google Federation and sync
          1. Set up SSO with Google Federation
          2. Add Google Sync to your directory
          3. Google federation FAQ
        4. Generic SAML
          1. Set up SSO with other SAML providers
          2. Set up SSO with Microsoft ADFS
          3. SSO Common questions
          4. SSO Troubleshooting
        5. Education SSO
          1. Configure SSO for District Portals and LMS
          2. Common questions
      4. Verify ownership of a domain
      5. Add and manage domains
      6. Link domains to directories
      7. Manage existing domains and directories
      8. Use directory trust to add pre-claimed domains
      9. Migrate to new authentication provider
    2. Asset settings
    3. Authentication settings
    4. Privacy and security contacts
    5. Console settings
    6. Manage encryption
  4. Manage products and entitlements
    1. Manage users
      1. Overview
      2. Administrative roles
      3. User management techniques
        1. Manage users individually   
        2. Manage multiple users (Bulk CSV)
        3. User Sync tool (UST)
        4. Microsoft Azure Sync
        5. Google Federation Sync
      4. Change user's identity type
      5. Manage user groups
      6. Manage directory users
      7. Manage developers
      8. Migrate existing users to the Adobe Admin Console
      9. Migrate user management to the Adobe Admin Console
    2. Manage products and product profiles
      1. Manage products
      2. Manage product profiles for enterprise users
      3. Manage self-service policies
      4. Manage app integrations
      5. Manage product permissions in the Admin Console  
      6. Enable/disable services for a product profile
      7. Single App | Creative Cloud for enterprise
      8. Optional services
    3. Manage Shared Device licenses
      1. What's new
      2. Deployment guide
      3. Create packages
      4. Recover licenses
      5. Migrate from Device Licensing
      6. Manage profiles
      7. Licensing toolkit
      8. Shared Device Licensing FAQ
  5. Manage storage and assets
    1. Storage
      1. Manage enterprise storage
      2. Adobe Creative Cloud: Update to storage
      3. Manage Adobe storage
    2. Asset migration
      1. Automated Asset Migration
      2. Automated Asset Migration FAQ  
      3. Manage transferred assets
    3. Reclaim assets from a user
    4. Student asset migration | EDU only
      1. Automatic student asset migration
      2. Migrate your assets
  6. Manage services
    1. Adobe Stock
      1. Adobe Stock credit packs for teams
      2. Adobe Stock for enterprise
      3. Use Adobe Stock for enterprise
      4. Adobe Stock License Approval
    2. Custom fonts
    3. Adobe Asset Link
      1. Overview
      2. Create user group
      3. Configure Adobe Experience Manager Assets
      4. Configure and install Adobe Asset Link
      5. Manage assets
      6. Adobe Asset Link for XD
    4. Adobe Acrobat Sign
      1. Set up Adobe Acrobat Sign for enterprise or teams
      2. Adobe Acrobat Sign - Team feature Administrator
      3. Manage Adobe Acrobat Sign on the Admin Console
    5. Creative Cloud for enterprise - free membership
      1. Overview
      2. Getting started
  7. Deploy apps and updates
    1. Overview
      1. Deploy and deliver apps and updates
      2. Plan to deploy
      3. Prepare to deploy
    2. Create packages
      1. Package apps via the Admin Console
      2. Create Named User Licensing Packages
      3. Adobe templates for packages
      4. Manage packages
      5. Manage device licenses
      6. Serial number licensing
    3. Customize packages
      1. Customize the Creative Cloud desktop app
      2. Include extensions in your package
    4. Deploy Packages 
      1. Deploy packages
      2. Deploy Adobe packages using Microsoft Intune
      3. Deploy Adobe packages with SCCM
      4. Deploy Adobe packages with ARD
      5. Install products in the Exceptions folder
      6. Uninstall Creative Cloud products
      7. Use Adobe provisioning toolkit enterprise edition
      8. Adobe Creative Cloud licensing identifiers
    5. Manage updates
      1. Change management for Adobe enterprise and teams customers
      2. Deploy updates
    6. Adobe Update Server Setup Tool (AUSST)
      1. AUSST Overview
      2. Set up the internal update server
      3. Maintain the internal update server
      4. Common use cases of AUSST   
      5. Troubleshoot the internal update server
    7. Adobe Remote Update Manager (RUM)
      1. Use Adobe Remote Update Manager
      2. Channel IDs for use with Adobe Remote Update Manager
      3. Resolve RUM errors
    8. Troubleshoot
      1. Troubleshoot Creative Cloud apps installation and uninstallation errors
      2. Query client machines to check if a package is deployed
      3. Creative Cloud package "Installation Failed" error message
    9. Create packages using Creative Cloud Packager (CC 2018 or earlier apps)
      1. About Creative Cloud Packager
      2. Creative Cloud Packager release notes
      3. Application packaging
      4. Create packages using Creative Cloud Packager
      5. Create named license packages
      6. Create packages with device licenses
      7. Create a license package
      8. Create packages with serial number licenses
      9. Packager automation
      10. Package non-Creative Cloud products
      11. Edit and save configurations
      12. Set locale at system level
  8. Manage your account
    1. Manage your Teams account
      1. Overview
      2. Update payment details
      3. Manage invoices
      4. Change contract owner
      5. Change reseller
    2. Assign licenses to a Teams user
    3. Add products and licenses
    4. Renewals
      1. Teams membership: Renewals
      2. Enterprise in VIP: Renewals and compliance
    5. Automated expiration stages for ETLA contracts
    6. Switching contract types within an existing Adobe Admin Console
    7. Purchase Request compliance
    8. Value Incentive Plan (VIP) in China
    9. VIP Select help
  9. Reports & logs
    1. Audit Log
    2. Assignment reports
    3. Content Logs
  10. Get help
    1. Contact Adobe Customer Care
    2. Support options for teams accounts
    3. Support options for enterprise accounts
    4. Support options for Experience Cloud

Introduction

As an administrator of an Adobe product, you may have traditionally managed your users and controlled their access to various product capabilities through the product's administrative interface. Now you can achieve the same through Adobe's Admin Console. This document explains the benefits of doing so, and also guides you through the process.

The document provides an overview of the steps that are required to transition user management from your current in-product interface to the Adobe Admin Console. It links to other documents that cover the specific how-tos in full detail.

Note:

So as to provide benefits such as enterprise storage and other enterprise-level features, we are migrating all existing Adobe IDs to Business IDs. All new business customers will use Business IDs for their team members.

You'll receive advance communication when your organization is scheduled for this upgrade. For more information, see Introduction to Business IDs and new storage features. Until your organization is migrated, you will continue to use Adobe ID type to access the organization. Support for Adobe IDs will then be reserved for individual customers only.

Who should read this document

This document is targeted at the following administrative roles.

Note:

The specific names for these roles can differ in the product you manage. 

System administrators

Administrators of the current product who are responsible for user management. This role involves tasks such as:

  • Adding and inviting users to the product 
  • Editing user properties
  • Removing users

Product administrators

Administrators of the current product who are responsible for assigning product permissions to users for access to various product capabilities. This role involves tasks such as:

  • Enabling and revoking permissions to a specific product functionality
  • Assigning a product-specific role to a user
Note:

This document is not for the end users. Usually, the migration process is seamless to the end user and does not require their involvement. As a system administrator, you can inform your end users about what to expect from this migration process.

Benefits of migrating to the Admin Console

Why move to the Admin Console

The Adobe Admin Console provides a centralized location to manage the administrators, users, user groups, product permissions, and product roles across all the Adobe products that your organization has purchased.

You can delegate system administrative tasks by creating other system administrators. You can also designate product-specific administrators to manage Adobe products that your organization has purchased. For details, see Administrative roles.

As Adobe introduces new products and services, you can quickly provide your users access to these products from within the Admin Console. You can also manage product-specific permissions and roles by using product profiles.

You can also create user groups to collectively manage product permissions and product roles. Simply create groups of users based on your needs and then assign these user groups to the product profiles that you define.

For more details, see the Admin Console.

Who does migration benefit

System administrators

If you are a system administrator, the Admin Console provides you with a single interface to manage all the users in your organization, irrespective of which Adobe products they use. You can add new users to the Admin Console using their Business ID or their enterprise credentials.

For the steps to add users, see Invite Users. You can also add multiple users using a .csv file. The console also provides various bulk operations for managing users.

Product administrators

If you are a product administrator, the Admin Console provides you with a single interface to manage the product-specific permissions and roles for the users in your organization. When Adobe adds new capabilities to the products that your organization uses, you can manage any new permissions for your existing users from within the same interface. When your organization purchases new products from Adobe, you can use the same Admin Console to provide your users access to and manage their permissions and roles for these new products.

Read about how to manage products and product profiles.

End users

Your end users have one set of user credentials that they use across all existing and new Adobe products available to your organization.

Pre-migration

You will receive an in-product notification to get you started with the migration.

Email invitation from Adobe to primary system administrator

If your organization is not already using the Admin Console, you will be designated the primary system administrator and will receive an email invitation from Adobe to the Admin Console. To log in, use your Adobe ID credentials.

Migration workflow

Following is an overview of the steps to migrate your user management to the Admin Console.

Step 1: Plan the identity type for your users

The first step is to decide the identity type for your users. Adobe’s identity management system helps admins create and manage user access to applications and services. Adobe offers three varying types of identities or accounts to authenticate and authorize users. They use an email address as the user name. You can choose between any of the following identity types supported by the Admin Console.

  • Business ID: Created, owned, and managed by an organization. Adobe performs the authentication, and the organization user manages the identity.
  • Federated ID: Created, owned, and managed by an organization and linked to the enterprise directory via federation. The organization manages credentials and processes Single Sign-On via a SAML2 Identity Provider (IdP).
  • Enterprise ID: Created, owned, and managed by an organization. Adobe hosts the Enterprise ID and performs authentication, but the organization maintains the Enterprise ID.

Based on your organizational needs, you can select the most appropriate identity model to implement and use.

Note:

You can either choose to use Federated IDs or  Enterprise IDs (and not both). However, you can choose only one of these identity types with the Business IDs. Like, if some of your users are logging into your product with your enterprise credentials (such as johndoe@example.com) and some users are using emails that are from outside your enterprise (such as janedoe@gmail.com).

If you need, read more about Adobe's supported identity types.

Step 2: Add Business ID users to Admin Console

Note:

If you have chosen to use only Enterprise or Federated ID types, you can skip this step in the workflow.

Add Business ID users either manually or in bulk to the Admin Console.

Step 3: Set up a Directory

As a system admin on the Admin Console, one of your first tasks is to define and set up an identity system against which your end users will be authenticated. As your organization purchases licenses for Adobe products and services, you will need to provision those licenses to your end users. And for this, you will need a way to authenticate these users.

Adobe provides you with the following identity types that you can use to authenticate your end users:

  • Business ID
  • Enterprise ID
  • Federated ID

If you want to have separate accounts owned and controlled by your organization for users in your domain, you must use either Enterprise ID or Federated ID (for Single- Sign-On) identity types.

For details, see Set up identity.

Step 4: Claim your domain (If you have chosen Enterprise or Federated IDs types in Step 1)

Your end users are authenticated against domains that you set up in the Admin Console. If your email address is john@example.com, your domain is example.com. A claimed domain can be used either with Enterprise IDs or Federated IDs, but not both. You can however claim multiple domains.

Your organization must demonstrate its control over a domain to claim it. And, a domain can be claimed only once.

If the domain has already been claimed, like, by another department of the same company, one can request access to it by the domain claim process. The first department to claim the domain (owner) is responsible for approving any requests for access by other departments (trustees). For details, see Directory trusting.

If you’ve set up Federated IDs, Single Sign-On can be configured. When organizations configure and enable Single Sign-On (SSO), users in that organization are able to use their corporate credentials to access Adobe software.

Step 5: Migrate user management

Note:

Before you start the migration, one (or both) of the following must be completed:

  • If you have chosen to use Enterprise or Federated IDs, you must have claimed the domain for your enterprise.
  • If you have chosen to use Business IDs (either entirely or with Enterprise or Federated IDs),  you must add these users to the Admin Console.

After your users have created their Business IDs or you have claimed the domain for your enterprise, initiate the migration process from within your Adobe product.

Step 6: Users receive invitation email

All users that are set up to be managed via the Admin Console receive an email that explains what they have been given access to.

System and product administrators will be able to access to the Admin Console.

End users will be able to log into the product using their credentials.

Post migration

After the migration is complete, the following changes take effect:

System administrators

You no longer manage users in the product.

Use the Admin Console to manage users. For an introduction on how to use the Admin Console, see this article.

If you are the primary (or first) System administrator for your organization on the Admin Console, you can assign administrative roles to other users. These roles can include:

  • Other System administrators
  • Product administrators

Product administrators

You no longer manage users, their permissions, or their roles in the product.

You are assigned administrative privileges to one or more products in your organization. You can create product profiles and assign administrators to the profiles that you create. You can also assign users and user groups to these product profiles. Optionally, you can then assign roles to these users and user groups.

Read about how to manage products and product profiles on the Admin Console.

End users

Your end users will log into the existing product using their credentials. All user information is specific to the Business ID or as specified in your enterprise (if you choose Federated or Enterprise IDs).

Adobe logo

Sign in to your account

Quick links

View all your plans Manage your plans

Legal Notices    |    Online Privacy Policy

[Feedback V2 Badge]