User groups

Users and privileges are managed centrally for all databases and ARIS products of an activated tenant. The role-dependent data access is controlled by access privileges and filters that are assigned per database in ARIS Architect on the Administration tab.

In ARIS Architect, click ARIS > Show Administration Administration.

When you create a database, all users and user groups from the user management are automatically imported into the database. Administrators assign function and access privileges, as well as filters to users and user groups in each database so that only authorized users can view certain database content or perform specified actions. Use the prefix management to track which user created or changed database items.

The administrator roles described in the following are defined via various privileges at the server and database level. Depending on the roles assigned to the administrators they can carry out specific functions.

superuser

The user superuser is created automatically. By default, this user is assigned the User management, License management, and Configuration administrator function privileges. This user can also enable this function privilege for other users. Users of the superuser type do not use up a license. They manage the system administration, but cannot use ARIS products due to license restrictions. The default password is superuser. You should change the default password to prevent unauthorized access. The password of the superuser is very important, as it is the only user who cannot be deleted. You can change all user data except for the user name. The superuser can recreate the other default users (system, arisservice, guest) if they were deleted.

system

The system user system assumes the administrator role of the system administrator and has all function and access privileges in all databases of a tenant. Authorized persons can use this emergency user to log in to any database, even if you are using an external system, such as LDAP, for authentication.

The name system cannot be changed. The System user check box for this user (Function privileges properties page in ARIS Architect) cannot be disabled either. You should immediately change the password manager to prevent unauthorized access.

To avoid problems, you should create additional system users. Having more than one system user can avoid problems, for example, if one system user has forgotten his password. If you forgot the passwords of all your system users, the full range of functions is no longer available and full data access is no longer possible.

The following administrator roles are defined:

Database administrators

Database administrators require the Database administrator function privilege in ARIS Administration. Users with this role have all function and access privileges and can edit data of all databases of the client.

Database administrators perform the following tasks at the server level:

Users with defined function privileges can perform additional actions at the database level.

Configuration administrators

A Configuration administrator requires the Configuration administrator function privilege in ARIS Administration.

They perform the following tasks:

Script administrators

Script administrators require the Script administrator function privilege in ARIS Administration.

Script administrators perform the following tasks:

Analysis publisher

Analysis publishers require the function privilege of the same name in ARIS Administration.

Analysis publishers perform the following actions:

Analysis administrators

Analysis administrators require the function privilege of the same name in ARIS Administration.

Analysis administrators perform the following actions:

Filter list

Reduces the number of users displayed.

Enter either the user name, the first or the last name and click Filter.

Filter

Reduces the number of entries according to the specified filter criteria.

<123...233> Entries per page

Number of pages and the number of entries per page.

To navigate please click a page number. You can change the number of pages by increasing or reducing the number of entries per page.

The page layout may take some time for a large number of entries.

Name

Name of the user group to whom you assign access privileges in this database.

Has access to database

Displays whether the administrator has assigned access privileges.