Panduan Pengguna Batal

Set up organization via directory trust

Cari
Enterprise

Enterprise

Admin Console
  1. Adobe Enterprise & Teams: Panduan pentadbiran
  2. Rancang pemasangan anda
    1. Konsep asas
      1. Pelesenan
      2. Identiti
      3. Pengurusan pengguna
      4. Pemasangan aplikasi
      5. Gambaran keseluruhan Admin Console
      6. Peranan pentadbir
    2. Panduan Pemasangan
      1. Panduan pemasangan Pengguna Bernama
      2. Panduan pemasangan SDL
      3. Pasangkan Adobe Acrobat 
    3. Pasangkan Creative Cloud untuk pendidikan
      1. Laman utama Penerapan
      2. Bestari Penyesuaian Tugas K-12
      3. Persediaan mudah
      4. Menyegerakkan Pengguna
      5. Penyegerakan Senarai K-12 (AS)
      6. Konsep pelesenan utama
      7. Pilihan penerapan
      8. Petua cepat
      9. Luluskan aplikasi Adobe dalam Google Admin Console
      10. Dayakan Adobe Express dalam Google Classroom
      11. Penyepaduan dengan Canvas LMS
      12. Penyepaduan dengan Blackboard Learn
      13. Mengkonfigurasikan SSO untuk District Portal dan LMS
      14. Tambahkan pengguna melalui Roster Sync
      15. Soalan Lazim Kivuto
      16. Garis panduan kelayakan institusi Utama dan Sekunder
  3. Sediakan organisasi anda
    1. Jenis identiti | Gambaran keseluruhan
    2. Sediakan identiti | Gambaran keseluruhan
    3. Sediakan organisasi dengan Enterprise ID
    4. Sediakan Azure AD federation dan segerakkan
      1. Sediakan SSO dengan Microsoft melalui Azure OIDC
      2. Tambahkan Azure Sync pada direktori anda
      3. Penyegerakan peranan untuk Pendidikan
      4. Soalan Lazim Azure Connector
    5. Sediakan Google Federation dan segerakkan
      1. Sediakan SSO dengan Google Federation
      2. Tambahkan Google Sync pada direktori anda
      3. Soalan Lazim Google federation
    6. Sediakan organisasi dengan Microsoft ADFS
    7. Sediakan organisasi untuk District Portal dan LMS
    8. Sediakan organisasi dengan penyedia Identiti lain
      1. Cipta direktori
      2. Sahkan pemilikan domain
      3. Tambahkan domain pada direktori
    9. Soalan lazim dan penyelesaian masalah SSO
      1. Soalan lazim SSO
      2. Penyelesaian masalah SSO
      3. Soalan lazim pendidikan
  4. Urus persediaan organisasi anda
    1. Urus domain dan direktori sedia ada
    2. Dayakan penciptaan akaun automatik
    3. Sediakan organisasi melalui amanah direktori
    4. Berhijrah kepada penyedia pengesahan baharu 
    5. Tetapan aset
    6. Tetapan pengesahan
    7. Hubungan privasi dan keselamatan
    8. Tetapan konsol
    9. Urus penyulitan  
  5. Urus pengguna
    1. Gambaran Keseluruhan
    2. Peranan pentadbiran
    3. Strategi pengurusan pengguna
      1. Urus pengguna secara individu   
      2. Urus berbilang pengguna (CSV Pukal)
      3. Alat Penyegerakan Pengguna (UST)
      4. Microsoft Azure Sync
      5. Google Federation Sync
    4. Berikan lesen kepada pengguna Pasukan
    5. Pengurusan pengguna dalam apl untuk pasukan
      1. Urus pasukan anda dalam Adobe Express
      2. Urus pasukan anda dalam Adobe Acrobat
    6. Tambahkan pengguna dengan domain e-mel yang sepadan
    7. Tukar jenis identiti pengguna
    8. Urus kumpulan pengguna
    9. Urus pengguna direktori
    10. Urus pembangun
    11. Hijrahkan pengguna sedia ada ke Adobe Admin Console
    12. Hijrahkan pengurusan pengguna ke Adobe Admin Console
  6. Urus produk dan kelayakan
    1. Urus produk dan profil produk
      1. Urus produk
      2. Beli produk dan lesen
      3. Urus profil produk untuk pengguna perusahaan
      4. Urus peraturan pemberian automatik
      5. Beri hak kepada pengguna untuk melatih model tersuai Firefly
      6. Semak permintaan produk
      7. Urus dasar layan diri
      8. Urus penyepaduan aplikasi
      9. Urus kebenaran produk dalam Admin Console  
      10. Dayakan/lumpuhkan perkhidmatan untuk profil produk
      11. Aplikasi Tunggal | Creative Cloud untuk perusahaan
      12. Perkhidmatan pilihan
    2. Urus lesen Peranti yang Dikongsi
      1. Apa yang baharu
      2. Panduan pemasangan
      3. Cipta pakej
      4. Pulihkan lesen
      5. Urus profil
      6. Kit alat pelesenan
      7. Soalan Lazim Pelesenan Peranti yang Dikongsi
  7. Bermula dengan Global Admin Console
    1. Amalkan pentadbiran global
    2. Pilih organisasi anda
    3. Urus hierarki organisasi
    4. Urus profil produk
    5. Urus pentadbir
    6. Urus kumpulan pengguna
    7. Kemas kini dasar organisasi
    8. Urus templat dasar
    9. Peruntukkan produk kepada organisasi anak
    10. Laksanakan kerja yang belum selesai
    11. Terokai insights
    12. Eksport atau import struktur organisasi
  8. Urus storan dan aset
    1. Storan
      1. Urus storan perusahaan
      2. Adobe Creative Cloud: Kemas kini kepada storan
      3. Urus storan Adobe
    2. Penghijrahan Aset
      1. Penghijrahan Aset Automatik
      2. Soalan Lazim Penghijrahan Aset Automatik  
      3. Urus aset yang dipindahkan
    3. Tuntut semula aset daripada pengguna
    4. Penghijrahan aset pelajar | EDU sahaja
      1. Penghijrahan aset pelajar automatik
      2. Hijrahkan aset anda
  9. Urus perkhidmatan
    1. Adobe Stock
      1. Pek kredit Adobe Stock untuk pasukan
      2. Adobe Stock untuk perusahaan
      3. Guna Adobe Stock untuk perusahaan
      4. Kelulusan Lesen Adobe Stock
    2. Fon tersuai
    3. Pautan Aset Adobe
      1. Gambaran Keseluruhan
      2. Cipta kumpulan pengguna
      3. Konfigurasikan Adobe Experience Manager Assets
      4. Konfigurasikan dan pasang Adobe Asset Link
      5. Urus aset
      6. Adobe Asset Link untuk XD
    4. Adobe Acrobat Sign
      1. Sediakan Adobe Acrobat Sign untuk perusahaan atau pasukan
      2. Adobe Acrobat Sign - Pentadbir ciri Pasukan
      3. Urus Adobe Acrobat Sign pada Admin Console
    5. Creative Cloud untuk perusahaan - keahlian percuma
      1. Gambaran Keseluruhan
  10. Pasangkan aplikasi dan kemas kini
    1. Gambaran Keseluruhan
      1. Pasangkan dan hantar aplikasi dan kemas kini
      2. Pelan untuk dipasangkan
      3. Bersedia untuk dipasangkan
    2. Cipta pakej
      1. Pakej aplikasi melalui Admin Console
      2. Cipta Pakej Pelesenan Pengguna Bernama
      3. Urus pakej yang dijana terlebih dahulu
        1. Urus templat Adobe
        2. Urus pakej aplikasi Tunggal
      4. Urus pakej
      5. Urus lesen peranti
      6. Pelesenan nombor siri
    3. Sesuaikan pakej
      1. Sesuaikan app desktop Creative Cloud
      2. Sertakan sambungan dalam pakej anda
    4. Pasangkan Pakej 
      1. Pasangkan pakej
      2. Pasangkan pakej Adobe menggunakan Microsoft Intune
      3. Pasangkan pakej Adobe dengan SCCM
      4. Pasangkan pakej Adobe dengan ARD
      5. Pasang produk dalam folder Pengecualian
      6. Nyahpasang produk Creative Cloud
      7. Gunakan kit alat peruntukan Adobe edisi perusahaan
    5. Urus kemas kini
      1. Tukar pengurusan untuk pelanggan Adobe enterprise and teams
      2. Pasangkan kemas kini
    6. Adobe Update Server Setup Tool (AUSST)
      1. Gambaran Keseluruhan AUSST
      2. Sediakan pelayan kemas kini dalaman
      3. Mengekalkan pelayan kemas kini dalaman
      4. Kes penggunaan biasa AUSST   
      5. Selesaikan masalah pelayan kemas kini dalaman
    7. Adobe Remote Update Manager (RUM)
      1. Nota keluaran
      2. Gunakan Adobe Remote Update Manager
    8. Selesaikan masalah
      1. Selesaikan masalah ralat pemasangan dan penyahpasangan aplikasi Creative Cloud
      2. Tanya mesin klien untuk menyemak sama ada pakej dipasangkan
  11. Urus akaun Pasukan anda
    1. Gambaran Keseluruhan
    2. Kemas kini butiran bayaran
    3. Uruskan invois
    4. Tukar pemilik kontrak
    5. Tukar pelan anda
    6. Tukar penjual semula
    7. Batalkan pelan anda
    8. Pematuhan Permintaan Pembelian
  12. Pembaharuan
    1. Keahlian pasukan: Pembaharuan
    2. Perusahaan dalam VIP: Pembaharuan dan pematuhan
  13. Urus kontrak
    1. Tahap tamat tempoh automatik untuk kontrak ETLA
    2. Menukar jenis kontrak dalam Adobe Admin Console sedia ada
    3. Value Incentive Plan (VIP) di China
    4. Bantuan VIP Select
  14. Laporan & log
    1. Log Audit
    2. Laporan pemberian
    3. Log Kandungan
  15. Dapatkan bantuan
    1. Hubungi Layanan Pelanggan Adobe
    2. Pilihan sokongan untuk akaun pasukan
    3. Pilihan sokongan untuk akaun perusahaan
    4. Pilihan sokongan untuk Experience Cloud

You can use directory trust to authenticate your users against a domain already claimed by another organization.

Directory trusting

Only one organization at a time can claim a domain's ownership. Thus, consider the following scenario:

A company, Geometrixx, has multiple departments, each of which has its own unique Admin Console. Also, each department wants to use Federated user IDs, all using the geometrixx.com domain.  Each department's system administrator would want to claim this domain for authentication.

The Admin Console prevents a domain from being added to multiple organizations' Admin Console. However, once added by a single department, other departments can request access to the directory to which that domain is linked on behalf of their organization's Admin Console.

Directory trusting allows a directory owner organization to trust other requesting organizations (trustees). After this, trustee organizations in the Admin Console can add users to any domain within the trusted directory.

To summarize, you must add a domain if you plan to use Enterprise ID or Federated ID on your Admin Console. If another organization has already added this domain, you must request trustee access to the directory containing this domain. However, when the trustee organization adds users to the trusted domains, they are authenticated based on the owning organization's identity management.

To request access to a directory, follow the steps in Add domains to directories.

Peringatan:
  • As an owner of a directory, if you approve an access request for a directory, the trustee organization will have access to all domains linked to the directory, as well as any domains linked to that directory in the future. So planning the domain-to-directory linking is essential as you set up the identity system in your organization.
  • Before adding, requesting, revoking, or withdrawing a trust request, we strongly recommend that you export a user list from the Admin Console or Consoles involved prior to making changes. This list will provide a snapshot of all user data, including name, email, assigned product profiles, and assigned admin roles in case you need to roll back.
  • There are specific steps to migrating a domain that includes a trust relationship. You should not revoke a trust relationship when migrating a trusted domain to prevent the loss of user account and product access in the trustee’s organization.

Domain trustee (Requesting organization)

Follow the process below if you want to request access to a directory owning your desired domain:

If you add existing domains to the Admin Console, you are prompted with the following message:

If you request access to this domain; your name, email, and organization name are shared with the system administrators of the owning organization.

Since the owner already set up the domain, you do not need to take any additional action as the trustee. When the owner accepts the access request, your organization can access the directory and all its domains, as configured by the owning organization.

  1. Sign in to the Admin Console and navigate to Settings > Identity.

  2. Go to the Access Requests tab and check the status against each directory for which you have requested access.

  3. You can also click the row item in the list of access requests and click Resend Request or Cancel Request.

If the owning organization accepts your request for access to the directory, you receive an email notification. Your trust request disappears and is replaced by the trusted directory and its domains with Active (trusted) status in your Directories and Domains listings.

Go ahead and add users and user groups and assign them to product profiles.

As the trustee organization, if you no longer have a need to access the trusted directory, you may withdraw your trustee status at any time.

  1. Sign in to the Admin Console and navigate to Settings > Identity.

  2. In the Directories tab, click the shared directory to withdraw your access from.

  3. In the directory details drawer, click Withdraw.

If you withdraw your access to a trusted directory, any users associated with the domains in that directory are removed from your organization. However, these users could still access their assigned apps, services, and storage.

To stop users from using the software, remove them from Admin Console > Users > Remove users. Then, you can reclaim the deleted users' assets since your organization owns these assets.

Domain owner (Owning organization)

When you get an email request for access to a directory you own, you can accept or reject the request from the email itself. Or, navigate to the Access request tab in the Admin Console to manage claim requests.

  1. Sign in to the Admin Console and navigate to Settings > Identity.

  2. Go to the Access Request tab.

  3. To accept all the requests, click Accept All.

    Or to accept requests for specific claims, click the check box to the left of each row and click Accept.

  4. In the Accept Access Request screen, click Accept.

An email notification is sent to the System admins of the trustee organizations.

You can also choose to reject the request for access to a directory that you own.

  1. Sign in to the Admin Console and navigate to Settings > Identity.

  2. Go to the Access Request tab.

  3. Click the check box to the left of each row and click Reject.

  4. In the Reject Access Request screen, enter a reason for the rejecting the request and click Reject.

The reason that you provide, is shared with the requesting organization via email. However, your email, name, and organizational information are withheld.

You can revoke the access of a trustee organization for which you have previously given access.

  1. Sign in to the Admin Console and navigate to Settings > Identity.

  2. Go to the Trustees tab.

  3. Click the check box to the left of each row and click Revoke.

  4. In the Revoke Trustee screen, click Revoke.

If you revoke access to a trusted directory, any users associated with the domains in that directory are removed from the trusted directory. However, these users could still access their assigned apps, services, and storage.

To stop users from using the software, trustee admins can remove them from Admin Console > Users Remove users. Then, they can reclaim the deleted users' assets since the trustee organization owns these assets.

Directory trusting - Common questions

When a user is added to a trustee organization, the user is authenticated by the owning organization's identity setup. This holds true for new users on the trustee organization or for existing users on the owning organization.

When the user on a trustee organization signs into Adobe apps or services, the user is prompted with the Federated ID or Enterprise ID sign-in workflow, as set up on the owning organization.

Also, the user may be given entitlements from either the owning or trustee organizations. In this case, we will create a profile for each organization (owning or trustee) to which the users belongs. A profile helps to keep entitlements and assets isolated from each organization. So, the assets created by a user under a specific profile belong to that organzation. If a user leaves an organization, the assets are reclaimed by the admin of that organization.

Read more:

After your trustee organization is migrated, all your users are signed out of their accounts and will need to sign back in. Since these users are also users in the owning organzation, they may be given entitlemnts from the owning as well as the trustee organizations. In this case, we will set up profiles for the users. So, when signing back into their accounts, your users may be prompted with a profile chooser.

If required, your users may read how to manage Adobe profiles.

Dapatkan bantuan dengan lebih pantas dan mudah

Pengguna baharu?

Pautan pantas

Lihat semua pelan anda Urus pelan anda
Lihat pautan pantas
Sembunyikan pautan pantas

Legal Notices    |    Online Privacy Policy