User and login management

Users can access Snow License Manager via the Snow Management and Configuration Center and the Web application.

Password policy

A password policy is a set of rules designed to protect access to the system, by forcing users to create strong passwords and to handle them in a secure manner. The use of the password policy is optional in Snow License Manager, but it is active by default.

The Snow License Manager policy requires passwords to be:

  • At least eight characters long

  • One uppercase letter (A-Z)

  • One lowercase letter (a-z)

  • One of the following symbols: ! @ # ¤ $ % ^ & ? =

  • One number

Role-based access control (RBAC)

All features in Snow License Manager are designed for access using role-based security rules. Roles provide a way to implement security and control access rights to objects and reports. Security parameters provide the option to restrict access to certain functionality.

Snow License Manager defines several roles, including Administrator, License Administrator, and Viewer. Roles should be assigned in accordance with a user’s responsibilities. For example, a License Administrator can create a report with all licensing information for the entire organization, whereas a Viewer only can list the licenses that are in use within their department. Roles can be customized and tailored to specific organizational requirements.

Every Snow License Manager user requires a separate account, with rights and functionality defined by the user’s assigned roles (a user can be assigned one or more roles).

Organization-based security

In addition to role-based security, Snow License Manager allows user access restrictions based on organizational parameters. These restrictions limit users, for example, from viewing data related to other departments within the organization, such as users, computers and allocated licenses.

An organizational structure can be imported directly from Active Directory or a spreadsheet into Snow License Manager or created manually. The structure consists of a parent node, with sub-nodes representing different departments. Access restrictions are set at the node level.

Users are assigned to an organizational node, with an option to grant them access for a limited period. This option is useful, for example, to enable access to an external consultant.

Centralized user account management through Windows Authentication

If the server hosting Snow License Manager is part of a customer domain, Snow License Manager can be configured to use Windows Authentication. Users created in Snow License Manager are mapped to their Active Directory accounts; combining the security benefits of centralized user account management (such as centralized password policy and account expiration) with the benefits of organizational and role-based access control in Snow License Manager.