18 Novell Access Manager 3.1 SP1 Administration Console Guidenovdocx (en) 19 February 20101.6 Multiple Administrators, Multiple SessionsThe Administration Console has been designed to warn you when another administrator is makingchanges to a policy container or to an Access Manager device (such as an Access Gateway, SSLVPN, or J2EE Agent). The person who is currently editing the configuration is listed at the top of thepage with an option to unlock and with the person’s distinguished name and IP address. If you selectto unlock, you destroy all changes the other administrator is currently working on.WARNING: Currently, locking has not been implemented on the pages for modifying the IdentityServer. If you have multiple administrators, they need to coordinate with each other so that only oneadministrator is modifying an Identity Server cluster at any given time.Multiple Sessions: You should not start multiple sessions to the Administration Console with thesame browser on a workstation. Browser sessions share settings that can result in problems whenyou apply changes to configuration settings. However, if you are using two different brands ofbrowsers simultaneously, such as Internet Explorer* and Firefox*, it is possible to avoid the sessionconflicts.Multiple Administration Consoles: As long as the primary console is running, all configurationchanges should be made at the primary console. If you make changes at both a primary console anda secondary console, browser caching can cause you to create an invalid configuration.The following sections explain how to create additional administrator accounts and how to delegaterights to administrators: Section 1.6.1, “Multiple Admin Accounts,” on page 18 Section 1.6.2, “Managing Delegated Administrators,” on page 191.6.1 Multiple Admin AccountsThe Administration Console is installed with one admin user account. If you have multipleadministrators, you might want to create a user account for each one so that log files reflect themodifications of each administrator. The easiest way to do this is to create an account for eachadministrator and make the user security equivalent to the admin user. You can also create delegatedadministrators and configure them to have rights to specific components of Access Manager. Forconfiguration information for this type of user, see Section 1.6.2, “Managing DelegatedAdministrators,” on page 19.To create a user who is security equivalent to the admin user:1 In the Administration Console from the Roles and Tasks view, click Users > Create User.2 Create a user account for each administrator.3 Click Modify User, then select the created user.4 Click Security > Security Equal To.5 Select the admin user, then click Apply > OK.6 Repeat Step 3 through Step 5 for each user you want to make security equivalent to the adminuser.