Locking Users Out When Doing System ChangesLocking Users Out When Doing System Changes

What

If you want to prevent Users having access to their Pure - maybe because you are upgrading or during maintenance of Pure - and is using a SSO for access, this information below may be useful.

How

If the users are "authenticated by external system", then you can do the following:

• Create one or two Administrator users that are not authenticated; so do not have the "authenticated by external system" checked in the user setup, if they do not exist already.
• Once you do this, first test that those users can access your Pure without using SSO. To bypass SSO use "...admin/login.xhtml" at the end of url, this should bring you to the normal Pure login screen.
• Once you confirm these users can log into Pure without SSO we recommend that you turn off SSO.
  • To turn this off go to Administrator > Security > Admin > Authentication mechanisms, and click "Edit" next to your authentication method and uncheck "Active" and save.
• When you are ready for your users to access again, then you can go back into Administrator > Security > Admin > Authentication mechanisms and click "Edit" next to your authentication method and check "Active" and save to re-enable SSO.

Again, we strongly recommend that before turning off SSO you test the Administrator users you created to make sure they can access your system without SSO (bypass SSO by adding "...admin/login.xhtml" to the end of your URL).

It would also be a good idea to warn your users that they will be unable to access your system by creating a system message by going to Admin > Messages and text ressources > System messages.

More information