Menu
Amazon WorkDocs
Administration Guide

Amazon WorkDocs Console

The Amazon WorkDocs console is used to manage your Amazon WorkDocs directories and sites. The following operations can be performed with the Amazon WorkDocs console:

Create or Connect to a Directory

You use the Amazon WorkDocs console to create a cloud directory, or connect to your on-premises directory. For more information about creating a directory in the cloud, see Creating a Simple AD Directory. For more information about connecting to your on-premises directory, see Connecting to an On-Premise Directory.

Promote a User to Administrator

Use the Amazon WorkDocs console to promote a user to administrator. The user must be active to be promoted. For more information about activating a user, see Edit Users.

To promote a user to administrator

  1. Open the Amazon WorkDocs console at https://console.aws.amazon.com/zocalo/.

  2. In the Manage Your WorkDocs Sites page, select the desired directory and choose Actions and Set an Administrator.

  3. In the Set WorkDocs Administrator page, enter the user name to promote and choose Set Administrator.

You can also use the Amazon WorkDocs administration dashboard to demote an administrator. For more information, see Edit Users.

Delete a Site

Use the Amazon WorkDocs console to delete an Amazon WorkDocs site.

Warning

Deleting a site causes the loss of all user information and all files. You should only delete a site if you are absolutely sure this information is no longer needed.

To delete a site

  1. Open the Amazon WorkDocs console at https://console.aws.amazon.com/zocalo/.

  2. In the Manage Your WorkDocs Sites page, select the desired site and choose Actions and Delete WorkDocs Site.

  3. In the Delete Selected WorkDocs Site dialog box, choose if you also want to delete the user directory. This deletes the AWS Directory Service Simple AD or AD Connector directory that is used to store the Amazon WorkDocs user information. If you want to delete the directory, it cannot have any other AWS applications enabled. For more information, see Deleting a Simple AD Directory or Deleting an AD Connector Directory in the AWS Directory Service Administration Guide.

  4. Verify that you are deleting the proper site, enter DELETE in the confirmation field, and choose Delete WorkDocs Site.

    The site is immediately deleted and is no longer available.

Multi-factor Authentication

You can enable multi-factor authentication for your AD Connector directory by performing the following procedure.

Note

Multi-factor authentication is not available for Simple AD directories.

To enable multi-factor authentication

  1. Open the Amazon WorkDocs console at https://console.aws.amazon.com/zocalo/.

  2. In the Manage Your WorkDocs Sites page, select the desired site and choose Actions and Manage MFA.

  3. Enter the following values and choose Update MFA.

    Enable Multi-Factor Authentication

    Check to enable multi-factor authentication.

    RADIUS server IP address(es)

    The IP addresses of your RADIUS server endpoints, or the IP address of your RADIUS server load balancer. You can enter multiple IP addresses by separating them with a comma (e.g., 192.0.0.0,192.0.0.12).

    Port

    The port that your RADIUS server is using for communications. Your on-premises network must allow inbound traffic over the default RADIUS server port (1812) from the AD Connector servers.

    Shared secret code

    The shared secret code that was specified when your RADIUS endpoints were created.

    Confirm shared secret code

    Confirm the shared secret code for your RADIUS endpoints.

    Protocol

    Select the protocol that was specified when your RADIUS endpoints were created.

    Server timeout

    The amount of time, in seconds, to wait for the RADIUS server to respond. This must be a value between 1 and 60.

    Max retries

    The number of times that communication with the RADIUS server is attempted. This must be a value between 0 and 10.

    Multi-factor authentication is available when the RADIUS Status changes to Enabled. During the time that the multi-factor authentication is being set up, your users are not able to log in to their Amazon WorkDocs site.

Single Sign-On

AWS Directory Service provides the ability for your users to access Amazon WorkDocs from a computer that is joined to the same directory that Amazon WorkDocs is registered with, without having to enter their credentials separately. For information about enabling single sign-on for your directory, see Single Sign-On in the AWS Directory Service Administration Guide.

Your Amazon WorkDocs users may need to modify their web browser settings to enable single sign-on. For more information, see Enabling Single Sign-On in the Amazon WorkDocs User Guide.