Skip To Content

Manage members

After you have added members to your organization, you can manage their accounts. Managing members includes modifying profiles, resetting passwords, disabling members, and deleting members. Managing members also includes changing their role or level.

Note:

Although anonymous users in your organization can search and use publically shared items, they cannot join groups or create and share content without an organizational account. If you want to give these members additional privileges, you can assign them to a role and membership level, which affects what they can do in the portal.

The actions you can perform when managing members depend on your privileges in the organization.

Modify profile

Modify a member's profile when you want to update their descriptive information, thumbnail, profile visibility, language, units, or email address.

  1. Verify that you signed in to your organization and have privileges to view member account information.
  2. Click the Organization button at the top of the site.
  3. In the row of the member whose profile you want to modify, click the action button Actions and click View Profile.
  4. Click Edit Profile. You can now change the member's name, description, thumbnail, profile visibility, language, units, and email address.
  5. Click Save to save your changes to the member profile.

Change member levels

Levels determine which privileges are available to members. Once assigned, levels can be changed by administrators.

  1. Verify that you are signed in to your organization and that you have administrative privileges.
  2. Click Organization at the top of the site.
  3. In the row of the member whose level you want to change, click the action button Action and click Change Member Level.
  4. In the Change Member Level window, change the level and click Change Member Level.
    Note:

    The member level can be changed from level 2 to level 1 as long as the following conditions are met:

    • The member does not own content or groups.
    • The member does not have licenses assigned to premium apps that are not included in level 1 membership.
    • The member does not belong to groups with the item update capability enabled.
    If the above conditions are not met, the administrator must reassign that member's content and groups, revoke the licenses, and remove the member from these groups before changing their member level.

Change member roles

A role defines the set of privileges assigned to a member. Once assigned, roles can be changed by administrators and those with privileges to change member roles. When you assign a role, a member level is also assigned.

  1. Verify that you are signed in to your organization and that you have privileges to change member roles.
    Note:

    Changing roles to or from administrator can be done by administrators only.

  2. Click Organization at the top of the site.
  3. In the row of the member whose role you want to change, click the Role drop-down arrow and choose the new role.

Reset password

Administrators (only) can reset passwords for members. The system provides a temporary password that you must share with the member so they can sign in. After the member successfully signs in with the temporary password, they will be prompted to change their password. If the member is currently signed in when you reset their password, they are immediately signed out.

Note:

You cannot reset passwords for enterprise logins.

  1. Verify that you are signed in as a default administrator of your organization.
  2. Click Organization at the top of the site.
  3. In the row of the member whose password you want to reset, click the action button Actions and click Reset Password.
  4. Inform the member of their new, temporary password.

When the member signs in using the temporary password, they will be immediately prompted to change their password.

Disable member

If you are an administrator of your organization or you have the correct privileges, you can disable members from your organization.

Disabling a member prevents the member from consuming organizational resources. This can be useful while you move their items to a different member. Disabled members cannot sign in to the organization, consume organizational resources, create content, or administer the site. They are still members and count toward the number of users in your organization.

If the member owns content or groups, you need to change ownership of the items to a different member before deleting the member. Once you've moved all the items, you can delete the disabled member from the organization. To learn more about how members are managed in the portal, see Managing access to your portal.

  1. Verify that you are signed in to your organization and that you have privileges to disable members.
  2. Click Organization at the top of the site.
  3. In the row of the member you want to disable, click the action button Actions and click Disable Member.

Delete member

If you are an administrator of your organization or you have the correct privileges, you can delete an individual member when you want to remove the account from your organization. You can also delete members in bulk using a command line utility. Only administrators can delete other administrators.

If the member owns content or groups, you need to change ownership of the items to a different member before deleting the member. You can do this individually for each member or in bulk using a command line utility.

If the member has licenses assigned, you must revoke the licenses before deleting the member. For some Esri products, such as ArcGIS Pro or Drone2Map for ArcGIS, licenses must be checked in by the user before you can revoke them.

If a member is deleted directly from the identity store, the member is retained in the portal. You'll need to delete the member manually in the portal. If the member owns content or groups, you need to change ownership of the items to a different member before deleting the member.

Member accounts that exist in the portal's built-in identity store are permanently deleted and cannot be recovered. Enterprise accounts are unregistered from the portal and retained in your identity store. If necessary, you can recover the enterprise account by adding it back to the portal.

Tip:

If you want to quickly assess which users in your organization are members of the portal, you can use the command line utility ListUsers to generate a text file that lists all the members in the portal. Use this utility to assess which users in your organization can be removed from the portal. The output text file can also be used as input to the DeleteUsers command line utility described below. For full instructions, see Listing members.

Delete a member using the portal website

  1. Verify that you are signed in to your organization and that you have privileges to delete members.
  2. Click Organization at the top of the site.
  3. In the row of the member you want to remove from the organization, click the action button Actions and click Delete Member.
  4. Click the Delete Member button in the pop-up to confirm you want to remove the member.
    Note:

    Only administrators can delete other administrators.

Delete members in bulk using a command line utility

Deleting members using the command line utility is appropriate if you need to remove a large number of members at once from your portal. You may do this periodically to keep the total membership count under control. You may also do this if you have recently upgraded your portal and must reduce the number of named users to the maximum allowed by your authorization file. For more information about this scenario, see Enforcement of named user licensing.

You'll use the DeleteUserscommand line utility that was installed with the software to remove members from the portal in bulk. The tool is located in the <Portal for ArcGIS installation location>/tools/accountmanagement directory. The tool takes a text file as input and must be run on the machine where the portal is installed.

Note:

The utility can only be executed by a built-in administrator account; you cannot use an enterprise administrator account. The built-in account you use can be the initial administrator account you set up when you configured the portal or another built-in account that has been added to the default administrator role. If you have deleted the initial administrator account and do not have any other built-in administrator accounts available, you will need to create one to execute the utility. For instructions, see the Built-in portal accounts section of Add members to your portal.

  1. Create a text file that contains the user names of members you want to delete from your portal. List each member's user name on a separate line. The following is an example:

    sarah
    robert
    james
    qing

    Note:

    You must specify the user name of the member. Do not use the full name of the member; the tool will ignore all entries that use the full name of the member. Also note that the user names you type in the text file must be in the same case as they are stored in the portal. You can run the ListUsers command line utility or check the Organization page of your portal website to see in what case the user names are stored.

  2. Save the text file.
  3. Run the DeleteUsers command line tool by specifying your text file as the tool's input, for example, ./DeleteUsers.sh --file /data/scripts/memberstodelete.txt.

    Tip:

    Be sure to use the correct case for command line options and file names.