Configure operational tenants

Impersonation enables users to use the account of the system user superuser to perform administration tasks.

To enable Tenant Management to establish connections to tenants, the user superuser must have all function privileges required for backup and restore in all operational tenants and must be defined as a target for impersonation.

Prerequisite

You are a system user or have the User administrator and Impersonation function privileges.

Procedure

  1. Open ARIS Administration for an operational tenant, for example, http://<server name>:<port>/#default/home).
  2. Log in as a system user or a user with the User administrator and Technical configuration administrator function privileges.
  3. Click your name > Administration. ARIS Administration opens.
  4. Click Configuration Configuration.
  5. Click User management User management.
  6. Select the Users entry in the drop-down list.
  7. Click General.
  8. Click Edit Edit.
  9. Click in the Impersonation target users field.
  10. Enter the user name superuser.

    If the ARIS server was updated, make sure to reenter the user name for all operational tenants in the Impersonation target users field again.

  11. Click Save Save. All users that have the Impersonation and Tenant administrator function privileges on the infrastructure tenant take on the identity of superuser and inherit all of the superuser privileges.
  12. Click User management User management.
  13. Select the user superuser. The details will be displayed.
  14. Click Privileges. The list of function privileges is displayed.
  15. Activate the function privileges required for backing up and restoring:
  16. Log out of ARIS Administration.

    The user superuser has the privileges to manage data for the default tenant.

  17. Enter the user superuser under Impersonation target users in all other operational tenants in your system in turn, and assign the required function privileges.

The user superuser has the privileges to manage all data for the tenants. All substitutes can log in using their user name and manage tenants on behalf of the system user superuser.