What are server administrator roles?

Server administrators manage the servers and tenants of an ARIS system, that is, they are responsible for the technical system aspects:

Technical administrators

Technical server administrators usually manage the physical servers in the IT landscape, for example, database servers and Web servers. They can also perform additional tasks by taking on the role of site administrator. For this, they need the privileges of the various different administrator roles, or they can identify themselves as system user of databases.

ARIS administrator of ARIS Administration

The user superuser is created automatically. By default, this user is assigned the User management, License management, and Configuration administrator function privileges. This user can also enable this function privilege for other users. Users of the superuser type do not use up a license. They manage the system administration, but cannot use ARIS products due to license restrictions. The default password is superuser. You should change the default password to prevent unauthorized access. The password of the superuser is very important, as it is the only user who cannot be deleted. You can change all user data except for the user name. The superuser can recreate the other default users (system, arisservice, guest) if they were deleted.

Users and privileges are managed centrally in ARIS Administration for all ARIS products. The role-dependent data access is controlled by privileges and filters that are assigned per database.

If you have the ARIS Enterprise Admin license privilege and the Database administrator function privilege, you can manage all databases available on a tenant. If you select a database and click Properties Properties, you can manage the following:

Languages

For each database, you can manage the languages in which users can enter text, such as the names of models and objects, or other language-dependent attribute values. A set of database languages is provided automatically when a new database is created.

The selected language in which the user interface is displayed is automatically used as the database language. Users can change the language used or edit attribute values in multiple languages at the same time.

You can edit the attributes of models, objects, and connections. You can customize the Properties tab by using the More More menu of each attribute to see only the attributes with which you want to work.

In an open model, you can show additional attributes or specify whether and when attributes are to be shown.

Procedure

  1. Open the Properties tab of the Properties Details bar if it is not open.

  2. Click Edit language Edit language if you want to show an additional language column for language-specific attributes. You can select an additional database language and view and edit it next to the language currently used.

    You can show a column for another language next to the column with the original language. This way, you can compare and edit the content of language-dependent items in different languages side-by-side. For example, you can use this option to translate language-dependent content from one language to another.

    Procedure

    1. Open a model.

    2. Open the Properties tab of the Properties Details bar if it is not open.

    3. Click Edit language Edit language. A second column for language-dependent attributes is shown.

    4. Click the Down arrow down arrow in the header cell and select the required language. The content of the language column is displayed in the language you selected. If you change or enter attribute values for language-dependent attributes, it is done in the selected language.

      You can edit model, object, and connection attributes in various languages if they are not system attributes.

      Procedure

      1. Open a model.

      2. Open the Properties tab of the Properties Details bar if it is not open.

      3. Filter the attribute. If the attribute is not added to the Properties tab, add the attribute.

        In an open model, you can add model attributes and the attributes of objects or connections.

        Procedure

        1. Open the Properties tab of the Properties Details bar if it is not open.

        2. If you want to edit model attributes, ensure that no model item is selected.
          If you want to edit object or connection attributes, select the corresponding object or connection.

        3. Click Attributes Add attributes on the Properties tab. The Select attribute dialog opens.

        4. If you want to see only attributes with assigned values, enable the Show specified attributes only check box. You can use a search term to restrict the attributes displayed.

        5. Enter a search term for the attributes you want to display. The attribute type groups that contain attributes whose names contain the term you entered are expanded and the attributes are displayed.

        6. Enable the check boxes of the relevant attributes.

        7. Click OK.

        The Select attributes dialog is closed, and the selected attributes are added to the OTHER ATTRIBUTES category of the Properties tab. You can hide attributes of the OTHER ATTRIBUTES category.

        1. On the Properties tab, move the mouse pointer over the row of the attribute you want to hide.

        2. Click the Actions three dots at the end of the row. The attribute menu opens.

        3. Click Hide always Hide always if you want to hide the attribute, even if it has a value.
          Click Hide, if not specified Hide, if not specified if you want to hide the attribute if it is not specified, but should be displayed if a value has been entered.

        The attributes that you always hide remain hidden even if they have values.

        The attributes you hide with the Hide, if not specified Hide, if not specified option are hidden if they have no value or when you delete their values. If a value is entered for them, for example, in the modeling area, they are displayed again on the Properties tab.

      4. Show the required language column.

      5. Click in the cell behind the attribute name. The Edit dialog and the selected language column are shown. If required, you can enlarge the dialog.

      6. Make your changes. Different input options are available depending on the type of attribute. While you can enter text for text attributes such as names, you can, for example, select a number and a unit for times. You cannot change or delete the attribute values of attributes that the system defines. Such values are placed in gray cells, for example, Type.

      7. If you have specified your input for the language displayed and want to specify input for other languages, click the name of the selected language in the dialog. The list of available languages opens.

      8. Select another language and make your entries.

      9. Click OK.

      Your changes are saved in various languages.

    5. Click Hide language Hide language if you no longer need to display the second language. The additional column is removed, and only the column of the original language remains visible.

    You have used the language column to display attributes in different languages.

  3. Click Attributes Add attributes on the Properties tab. The Select attribute dialog opens.

  4. If you want to add only specified attributes, enable the Show specified attributes only check box. You can use a search term to restrict the attributes displayed.

  5. Enter a search term for the attributes you want to display. The attribute type groups that contain attributes whose names contain the term you entered are expanded and the attributes are displayed.

  6. Enable the check boxes of the relevant attributes.

  7. Click OK. The Select attributes dialog is closed, and the selected attributes are added to the Properties tab.

  8. On the Properties tab, click More More next to the attribute whose visibility you want to specify. The availability of menu items varies depending on the attribute.

    • Click Place attribute Place attribute and then the relevant position in the modeling area to display the attribute value in the model.

    • Click Delete Delete attribute if you want to delete the attribute value. You cannot change or delete the attribute values of attributes that the system defines. Such values are placed in gray cells, for example, Type.

    • Click Hide always Hide always if you want to hide the attribute from the Attributes tab even if a value has been specified. To display the attribute later, you must select it explicitly by clicking Add.

    • Click Hide, if not specified Hide, if not specified if you want the attribute to be displayed on the Attributes tab only if a value has been specified.

The attributes on the Properties tab are displayed according to your settings.

Prerequisite

The attribute you selected can be edited. You cannot change or delete the attribute values of attributes that the system defines. Such values are placed in gray cells, for example, Type.

Procedure

  1. Open a model.

  2. Open the Properties tab of the Properties Details bar if it is not open.

  3. If you want to edit model attributes, ensure that no model item is selected.
    If you want to edit object or connection attributes, select the corresponding object or connection.

  4. Filter the attribute. If the attribute is not added to the Properties tab, add the attribute.

    In an open model, you can add model attributes and the attributes of objects or connections.

    Procedure

    1. Open the Properties tab of the Properties Details bar if it is not open.

    2. If you want to edit model attributes, ensure that no model item is selected.
      If you want to edit object or connection attributes, select the corresponding object or connection.

    3. Click Attributes Add attributes on the Properties tab. The Select attribute dialog opens.

    4. If you want to see only attributes with assigned values, enable the Show specified attributes only check box. You can use a search term to restrict the attributes displayed.

    5. Enter a search term for the attributes you want to display. The attribute type groups that contain attributes whose names contain the term you entered are expanded and the attributes are displayed.

    6. Enable the check boxes of the relevant attributes.

    7. Click OK.

    The Select attributes dialog is closed, and the selected attributes are added to the Properties tab.

    You can hide attributes:

    1. On the Properties tab, move the mouse pointer over the row of the attribute you want to hide.

    2. Click the Actions three dots at the end of the row. The attribute menu opens.

    3. Click Hide always Hide always if you want to hide the attribute, even if it has a value.
      Click Hide, if not specified Hide, if not specified if you want to hide the attribute if it is not specified, but should be displayed if a value has been entered.

    The attributes that you always hide remain hidden even if they have values.

    The attributes you hide with the Hide, if not specified Hide, if not specified option are hidden if they have no value or when you delete their values. If a value is entered for them, for example, in the modeling area, they are displayed again on the Properties tab.

  5. Move the mouse pointer over the attribute.

  6. Use the edit buttons or click the attribute to change its value.

You have edited the attribute.

You can do the following:

Add language Add language

Add a language in which users specify text attributes, such as the names and descriptions of database items.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Database languages Languages.

  3. Click Add language Add language.

  4. Select the required language from the listed system languages that are available on your machine.

  5. Enable the Default language check box if you want to use this language as the default language. The default language of a database is used to display text that was not entered in the current language.

  6. Select the font that you want to use for this language. Do not select fonts written in red. These fonts cannot display letters in the selected language.

  7. Select the related script. The script defines the font family for which the font is used, for example, Western or Japanese.

  8. Select the color, style, and the font size as required.

  9. Click Add language.

The language is available to all users of the database.

Edit font Edit font used for a language

The text font is selected when adding a language to a database. You can change this font.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Database languages Languages.

  3. Selected items Select the language and click Edit font Edit font.

  4. Select the font that you want to use for this language. Do not select fonts written in red. These fonts cannot display letters in the selected language.

  5. Select the related script. The script defines the font family for which the font is used, for example, Western or Japanese.

  6. Select the color, style, and the font size as required.

  7. Click Change font.

Text in this language uses the selected font.

Set as default Use as default language

To ensure that users can read text regardless of the selected language, you can choose a default database language. The default language of a database is used to display text that was not entered in the current language. For example, names that are not entered in the current language are otherwise displayed as <Untitled>, which makes work more difficult. If users enter all language-dependent text attributes in the default language, the displayed written text is legibly, though not uniformly in one language.

To change the default language, proceed as follows.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Database languages Languages.

  3. Selected items Select the language in which all attribute values are specified and click Set as default Use as default.

The selected language is used as an alternative database language. Note that you must enter all language-dependent attribute values in the selected language to prevent items from being displayed as <Untitled>.

Delete Delete a database language

Delete database languages that are no longer required.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Database languages Languages.

  3. Selected items Select the languages you want to delete. You cannot delete the default language.

    Warning

    If you delete a language, all attributes specified in the deleted language are also deleted from the database. To prevent data loss, back up the database before you delete languages.

  4. Click Delete.

The selected languages are no longer available. All attributes specified in the deleted languages are deleted.

Font formats

A font format is a kind of template to represent a font. This set of global parameters defines the appearance of text characters in a specific style and size for a particular language.

Font formats that you create for databases define the representation of database content in models. These font formats are available only in the database for which they are created. This enables you to individually design models and deviate from the conventions defined for your company. Font formats are closely related to templates. To ensure that the models comply with the conventions of the corporate branding, assign the correct template. When users assign a template to a model, the font formats used in the template are automatically created in the font format management of the related database. Only font formats used in attributes and related objects that occur in models are added. Not adding unused fonts ensures that the size of the database volume is manageable.

If no template was assigned, the default font format of the database is used.

You can do the following:

Add font format Create font format.

Add font formats that you use to format individual models. You can also set a font format as the default font format for the database.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Font format Font formats.

  3. Click Add font format Create font format.

    All attributes are displayed in the language with which you logged in.

  4. Select the configuration language in which you want to enter the name. The font format is automatically applied to the selected language.

    Use configuration languages to specify the names and descriptions of all items that are managed in the Configuration section for this tenant, such as method items, filters, templates, font formats, content type sets, and evaluation scripts.

    The Configuration administrators create the set of configuration languages that are available on a tenant.

    Warning

    You must enter a name in each related language. If you do not enter the name for a specific language, the font format is displayed as (Untitled) and anyone who uses the language will not be able to find the font format.

  5. Select the font that you want to use for this font format in the selected language. Do not select fonts written in red. These fonts cannot display letters in the selected language.

  6. Select the related script. The script defines the font family for which the font is used, for example, Western or Japanese.

  7. Select the color, style, and the font size as required.

  8. Select Use as default if you want to use the font format as default for this database.

  9. Click Apply.

The font format is added.

Users can use the font format for individual models or you can assign it to the database as the default font format.

Copy Copy

For each database, you can copy and modify font formats that you can use when no templates are assigned to models.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Font format Font formats.

  3. Selected items Select the font format and click Copy Copy.

The copied font format is added to the list. The number added indicates the copy.

You can modify the font format. Users can use the font format for individual models or you can assign it to the database as the default font format.

Delete Delete

You can delete font formats that are no longer in use.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Font format Font formats.

  3. Selected items Select the font format and click Delete Delete.

  4. To confirm the action, click Delete.

The font format is deleted and no longer available.

After deleting a font format, the database elements that used the deleted font format switch to the default font format of the database.

Edit font Edit font format.

For each database, you can modify font formats that you can use when no templates are assigned to models.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Font format Font formats.

  3. Selected items Select the font format and click Edit font Edit.

    All attributes are displayed in the language with which you logged in.

  4. Select the configuration language in which you want to enter the name. The font format is automatically applied to the selected language.

    Use configuration languages to specify the names and descriptions of all items that are managed in the Configuration section for this tenant, such as method items, filters, templates, font formats, content type sets, and evaluation scripts.

    The Configuration administrators create the set of configuration languages that are available on a tenant.

    Warning

    You must enter a name in each related language. If you do not enter the name for a specific language, the font format is displayed as (Untitled) and anyone who uses the language will not be able to find the font format.

  5. Select the font that you want to use for this font format in the selected language. Do not select fonts written in red. These fonts cannot display letters in the selected language.

  6. Select the related script. The script defines the font family for which the font is used, for example, Western or Japanese.

  7. Select the color, style, and the font size as required.

  8. Select Use as default if you want to use the font format as default for this database.

  9. Click Apply.

The font format is changed.

Set as default Use as default

For each database, you can select the font format that is automatically used if users have not assigned a template to models.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Font format Font formats.

  3. Selected items Select the font format that you want to use and click Set as default Use as default.

The font format is automatically used to display model content when no template is assigned.

Change lists

A change list contains selected contents from a database that are versioned together and saved in a change list under a change list number. Change lists are sorted in ascending order.

Versioned database content can include individual models, multiple models without interdependencies, related models, group content, or the entire database contents.

A description of the change list characterizes the versioned contents. The change list description records who versioned which database content, when, and why. Opening a change list, Opening a change list displays the database content you selected for versioning. You can select models or the entire database content.

You can Delete Delete change list numbers that are no longer needed.

You can delete old versions of databases that are no longer in use. Deleting obsolete versions helps reduce the size of versionable databases and the time for backing up large databases.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Change lists Change lists.

  3. Move the mouse pointer to the required change list number to keep and click Delete Delete. All previous versions of the database get deleted. The current change list number will remain as the oldest version.

    To prevent data loss, create a back up of the database that contains all versions.

  4. To confirm the action, click Delete.

All previous versions of the database are deleted. The change list from which you started the action is displayed as the oldest version of the database.

Variant management

Choose how to handle model and object variants in versionable database.

You can do the following:

Enable enhanced variant management.

You can enable enhanced variant management for versionable databases.

Prerequisite

  • You have the ARIS Enterprise Admin license privilege.

  • You have the Database administrator function privilege.

Procedure

  1. Click Application launcher Application launcher > Administration Administration. The Configuration Configuration view is shown.

  2. Click Databases.

  3. Selected items Select the database and click Properties Properties > Variant management Variant management.

  4. Enable the Enable enhanced variant management check box.

  5. In the breadcrumb navigation, click Databases. The list of the databases is displayed. If you want to create the master model in a language other than the current default language, perform the following steps.

  6. Click Properties Properties > Database languages Languages.

  7. For the language you want to set as the default language click Set as default Use as default. If the selected language is already the default language, Set as default Use as default is not available.
    If you want to use different languages for the master model and model variants, you must set the default language as the language, in which the master model is created.

  8. Exit the databases configuration.

You can use variant management for this database. Master owners can capture general processes in master models and trigger the roll-out across national borders. Variant owners must adapt the model variants to their country-specific requirements with system support.

_______________

Create the objects for reuse

Manage exclusion groups.

You can define exclusion groups to store objects to be excluded from variant creation. If model variants are created, objects stored in exclusion groups are placed as occurrence copies instead of object variants.

Warning

If you create an object collection before using the objects in models, keep in mind that objects not used in models are deleted during a database reorganization.

Define exclusion groups

You can define exclusion groups to store objects to be excluded from variant creation. If model variants are created, objects stored in exclusion groups are placed as occurrence copies instead of object variants.

Prerequisite

  • You have the ARIS Enterprise Admin license privilege.

  • You have the Database administrator function privilege.

Procedure

  1. Click Application launcher Application launcher > Administration Administration. The Configuration Configuration view is shown.

  2. Click Databases.

  3. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  4. Click the name of the database in which you want to define an exclusion group and click Properties Properties > Variant management Variant management.

  5. Click Add exclusion group. The bar opens and you can expand the database groups.
    If you want to create a new group as an exclusion group, click Create group, enter a name, and click OK.

  6. Select the group you want to exclude from variant creation and click Add exclusion group. The selected group is listed.

  7. Follow the same steps to exclude other groups.

  8. Enable the check box Consider exclusion groups in ARIS Architect if the groups should also be considered as exclusion groups in ARIS Architect. If you have enabled the Enhanced variant management check box, Consider exclusion groups in ARIS Architect is gray because ARIS Architect does not provide enhanced variant management.

You defined the groups that contain objects, which are excluded from variant creation.

Remove exclusion groups

You can remove the Excluded status for groups so that variants are created instead of occurrence copies for the content when creating model variants.

Prerequisite

  • You have the ARIS Enterprise Admin license privilege.

  • You have the Database administrator function privilege.

Procedure

  1. Click Application launcher Application launcher > Administration Administration. The Configuration Configuration view is shown.

  2. Click Databases.

  3. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  4. Click the database that contains the exclusion group you want to delete and click Properties Properties > Variant management Variant management.

  5. Enable the check boxes of the exclusion groups you want to remove so that variants can be created again for their contents.

  6. Click Remove exclusion groups.

  7. To confirm the action, click Delete.

The selected exclusion groups are removed.

Function privileges

To perform certain actions in a database, users need the related function privileges that you can assign for each database. The database-related function privileges come in addition to the function privileges that can be assigned tenant-wide in ARIS Administration.

You can assign function privileges to provide users and user groups with specific functionality and thus control their authorizations across a database.

Attribute formatting

Users with this function privilege can format text attributes.

Change Management

Users with this function privilege can:

  • modify proposals

  • propose and modify measures

  • specify end dates for measures

  • set priorities

  • define persons responsible

Database backup

Users with this function privilege can back up the database.

Database export/import

In ARIS Architect, users can transfer content from one database to another.

Database management

Users with this function privilege can:

  • edit database properties

  • edit database attributes

  • create, modify, and delete languages

Database reorganization

Users with this function privilege can reorganize the database.

Font format management

Users with this function privilege can create, change, or delete font formats in the database either in ARIS Administration or on the Administration tab in ARIS Architect.

Lock permanently

Users with this function privilege can lock group content, objects, and models during Release Cycle Management. Permanently locked database items are displayed, but they can only be edited by the user who locked them. This user and, in ARIS Architect, system users can remove the lock.

Method changes

Users with this function privilege can change the color or line weight of objects in models by changing the Fill color, Line color, Line style, and Weight boxes on the Format > Representation > Object appearance page.

As a result, only the appearance of this object occurrence differs from the default appearance defined in ARIS Method.

To change ARIS Method you need the Configuration administrator function privilege in ARIS Administration.

Prefix management

Users with the Prefix management function privilege can manage database prefixes and change this attribute for all database items for which they have the Write access privilege.

Prefixes of a database are managed on the Administration tab on the Identifier properties page. By assigning a particular prefix to a user, you can identify the users who have created database items.

Report automation

Users with the Report automation function privilege can run reports as scheduled reports. The group Scheduled reports is displayed in the Explorer tree.

Show user management

Displays the database items Users and User groups on the Administration tab. Users with this function privilege cannot edit users/user groups.

User management

Displays the database items Users and User groups on the Administration tab.

In ARIS Architect, click ARIS > Show Administration Administration.

Users with this function privilege can edit user groups and users who are not system users.

Users can only assign privileges which they have themselves.

In addition to database-wide functional privileges, there are tenant-wide functional privileges.

Function privileges provide users with specific functions and control their privileges. Additionally, the user must be assigned to a license privilege. You can assign function privileges to users or user groups. Additional privileges can be assigned in each ARIS product at the database level.

You can do the following:

Manage function privileges.

Users and user groups that have the Database administrator function privilege in ARIS Administration automatically have all function privileges and access to all the databases of a tenant. You cannot change privileges of database administrators or tenant-wide system users.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Access privileges Function privileges.

  3. Click User groups or Users and click the user groups or users to which you want to grant function privileges.

  4. Enable the required privileges.

    If you selected Users, you can see the function privileges that are individually assigned to the user, the privileges the user inherited from the user groups, and the sum of privileges the user has.

Single users or members of user groups receive all the function privileges granted for this database. This changes the privileges in ARIS only. The function privileges of a user in ARIS Administration are not affected.

Manage system users for a database.

System users have all function and access privileges in a database. To be on the safe side, create additional system users besides the system user system.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Access privileges Function privileges.

  3. Click Users and use the filter to navigate to the related user that you want to make a system user for this database.

  4. Enable the System user check box.

The user receives all function and access privileges for this database. This changes the privileges in ARIS only. The function privileges of a user in ARIS Administration are not affected.

To reject system user privileges, clear the respective check boxes. If the Database administrator function privilege was assigned to a user in ARIS Administration, this user has full access to all databases of the tenant. For such users, you cannot disable the System user check box. System users can only revoke privileges from users that are system users in single databases.

Access privileges

Use access privileges to control which data is accessible to users. Based on their access privileges, users can see, comment, create/edit, delete, or version models and objects.

You can do the following:

Allow user groups or single users access to database groups.

To view, comment, edit, delete, and version database content, users need access privileges to the related database groups. To save time, you can grant access to user groups so that all members have access to the selected database groups. You can also grant access to individual users. Users that have the Database administrator function privilege in the ARIS Administration automatically have access to all the databases of a tenant. You cannot change privileges of database administrators or tenant-wide system users.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Access privileges Access privileges.

  3. Select the database group for which you want to change access privileges for user groups or users. Click the Expand Expand and Open menu Collapse icons to navigate the hierarchy, or use the Filter filter to find database groups. You can create missing subgroups.

    On the right-hand side, all user groups are listed to which you can grant access privileges. If you select Users, all users are listed.

  4. Click Edit Edit to manage the access privileges of selected user groups. For selected users, you can only manage access privileges that were individually granted to the users.

  5. Select the required set of access privileges to be granted.

    No access (----)

    Users see the group structure of the database. Group contents are not displayed.

    Read (r---)

    The group content is displayed. Users can open models but neither change models and objects, nor add or delete new items.

    Read + Comment (rc--)

    The group content is displayed. Users can use all functions of Collaboration in ARIS.

    Read + Write (rw--)

    The group content is displayed. Users can change models and objects, add new items, delete object occurrences from models, but not object definitions.

    Read + Write + Delete (rwd-)

    The group content is displayed. Users can modify models and objects and add and delete items.

    Read + Version (r--v)

    The group content is displayed. Users can open and version models but neither change models and objects, nor add or delete new items.

    Read + Comment + Version (rc-v)

    The group content is displayed. Users can use all functions of Collaboration in ARIS and open and version models. Users cannot add, change, or delete database items.

    Read + Write + Version (rw-v)

    The group content is displayed. Users can change models and objects, add new items, delete object occurrences from models, and version models. Object definitions cannot be deleted.

    Read + Write + Delete + Version (rwdv)

    The group content is displayed. Users can modify models and objects, add and delete items, and version models.

  6. If you want to only grant access to the selected database group, click Apply. If you want to grant access to all subordinate database groups as well, click Pass on.

Access privileges have been granted.

Create database group.

Add database groups to databases.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Access privileges Access privileges.

  3. Click the Expand Expand and Open menu Collapse icons to navigate the hierarchy, or use the Filter filter to find database groups.

  4. Select the database group to which you want to add the subordinate group.

  5. Click Create group.

  6. Specify the name of the group and click Create group.

The database group is added. Access permissions are the same as the ones granted for the superior database group.

Change the access permissions if required.

Statistics

The Statistics page gives you an overview about the size and numbers of items available in each database of the tenant. The information provided can help you to reduce the size of a database. Reducing the database size can improve the performance. Use the Show statistics about list to enable the database items that you want to see in the dashboard of the selected chart type.

If you observe basic factors from the start, you can optimize a database's size in terms of content. This results in faster database operations, such as backup and restore. Furthermore, administrative tasks become significantly easier. Consider this example: If you assign or change access privileges through the user groups, you do this only once for all users of the user group, instead of repeating the procedure for each user.

  • Just create the required user groups and delete user groups that you no longer need.

  • Delete database languages that are no longer in use from the database and the configuration. If a language comes back in use, you can create it again.

  • Create only those font formats that you use and delete the ones you do not require.

  • Create only the filters and templates that you use, and delete the ones you do not require. The Filters are not stored in the databases but will users to work only with the items they require.

  • Assign users access privileges to users through the user groups.

  • Reduce the size and resolution of images and embedded objects. For example, you can insert large logos in models and reduce their display size later, but they still take up the space required for their original size. If models with logos are versioned, the logos even take up this space in the database multiple times.

  • Distribute objects in different groups. For example, this makes sense because the group structure of a database reflects organizational structures of an environment. In this case, it makes no sense to save all object in the main group, for example. Database operations are faster if each group contains up to 1000 objects.

  • Therefore, it is recommended that you keep only objects that you really need in the database. If objects that no longer have any occurrences in any model have piled up, create a database backup and reorganize. During the reorganization, all objects that no longer have occurrences in any model are deleted.

  • Use suitable model sizes. The large size of a model that contains many objects affects both the model legibility and performance.

  • Modeling

    • Use occurrence copies if you want to use the same object in different models.

    • Use variants only for models and objects that differ. When creating model variants, you can decide which objects are to be created as a new variant, for which objects existing variants are to be used, and for which objects occurrence copies are to be created.

  • Versioning

    • Version only models that must be versioned. If you version the entire database every time, it becomes very large.

    • Do not create versions to save intermediate results. For this, we recommend database backups.

    • Delete versions you no longer need.

The Statistics dashboard gives an overview about all items stored in a database.

  1. Select the database and click Properties Properties > Statistics Statistics. The dashboard shows the number of database items (default selection).

  2. Expand list Expand the Show statistics about list and select the database items that you want to see in the dashboard. Your selection only remains until you log in again.

  3. If required, select another chart type to display the result as bars or pie chart.

The chart is displayed.

To print the chart, download the chart as a graphic, or download the used data set, click the Chart menu.

Identifier

By assigning identifiers to users, you can identify the users who created database items. If you activate Identifiers, the Identifier attribute is specified for each created database item. Therefore, the individual identifier assigned to a user is used as a prefix and a sequential number is added. If no individual identifier has been assigned to users, the default identifier of the database is assigned automatically. STD is used by default. You can manage identifiers if you have the database-related Prefix management function privilege.

You can do the following:

Add font format Create identifier

Add identifiers that you can assign to users of the database.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Identifiers.

  3. Click Add font format Create identifier.

  4. Specify the identifier. You can enter up to 20 characters without blanks, such as @ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~.

    Identifiers are always saved in uppercase. Lower case letters are converted automatically into uppercase letters.

  5. If you want to use the identifier as default identifier for the database, enable Use as default.

  6. Click Create.

The identifier is available.

You can assign identifiers to users. Identifiers are specified for database items if you have activated automatic ID assignment.

Activate Activate identifiers

Automatically specify the Identifier attribute value for new database items. If you have assigned individual identifiers to users, the related value is used. If no individual identifier is assigned, the default identifier is specified.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Identifiers.

  3. Click Activate Activate identifiers.

You have activated automatic ID assignment so that you can identify the users who created database items.

If you no longer need to identify users, click Deactivate Deactivate identifiers.

If you select an identifier, you can do the following:

Edit font Edit identifier

You can change the identifier.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Identifiers.

  3. Selected items Select the identifier and click Edit font Edit.

  4. Change the identifier and click Update.

The identifier was changed.

The changed identifier is specified for new database items when ID assignment is activated. Former Identifier attribute values remain.

Delete Delete identifier

You can delete identifiers you no longer need.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Identifiers.

  3. Selected items Select the identifier and click Delete Delete.

  4. To confirm the action, click Delete.

The identifier is deleted.

From now on, the default identifier of the database will be used for those users that had the deleted identifier assigned.

Set as default Use as default

For each database, you can select an identifier that is automatically used for users who have no individual identifier assigned.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Identifiers.

  3. Selected items Select the identifier and click Set as default Use as default.

In this database, the identifier is used as default.

Assign identifier to user

You can assign identifiers to users to identify the users who created database items.

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Identifiers.

  3. Click User assignment.

  4. Selected items Select the users and click Edit font Assign identifier. All identifiers of the database are shown.

  5. Select the required identifier and click Apply.

The identifier is used for the selected users. You can change the assignment any time.

The identifier is specified for new database items when identifiers are activated.

Method filters

By assigning method filters to users or user groups, users only have access to a subset of ARIS Method. Filters provide users with only the information and methods relevant to them. To assign method filters to users or user groups, do the following:

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Method filters.

  3. Click User groups or Users and click the user groups or users to which you want to assign filters.

  4. Enable the required method filters.

    If you selected Users, you can see the filters that are individually assigned to the user, the filters the user inherited from the user groups, and the sum of filters the user has.

Single users or members of user groups can use all method items contained in the filters assigned.

Alfabet connection

You can connect any ARIS database with an Alfabet system. When you have configured the Alfabet import, users can reuse objects from connected ARIS databases and Alfabet databases and switch to the other system. To connect a database to an Alfabet system, do the following:

  1. Click Application launcher Application launcher > Administration Administration > Configuration Configuration > Databases.

  2. Selected items Select the database and click Properties Properties > Alfabet configuration. The Alfabet integration settings of database "..." bar opens.

  3. In the Web service URL field, enter the URL to the Alfabet Web application. The URL is used for accessing the Alfabet Web service (Alfabet RESTful API). The Web service URL is required for exchanging data.

  4. In the User interface URL field, enter the URL to be used for accessing the Alfabet user interface. This URL is required to enable users to navigate to Alfabet objects from ARIS.

  5. In the User name and the API password/token fields, specify the user credentials as required.

    For more information about the password and token, and authorization, see the Alfabet Interface for RESTful Web Services manual. You can open or download documents and the Technical Help from the Documentation Web site. Documentation is also contained in the ARIS installation package that is available in the ARIS Download Center.

    Warning

    For security reasons, we recommend that you use Alfabet RESTful API version 2. Do not activate Alfabet REST API v1 (not recommended). Software AG strongly recommends to switch to Alfabet RESTful API version 2 as soon as possible.

  6. Select the required synchronization options for objects and connections whose mapped objects or connections no longer exist in Alfabet. The selected actions are executed automatically during data synchronization.

    Objects

    Do not change

    Mapped objects that no longer exist in Alfabet remain unchanged in the ARIS database.

    Delete mapping

    Deletes mappings from ARIS objects whose mapped objects no longer exist in Alfabet.

    This cannot be undone.

    Mark objects as deleted

    Identifies all ARIS objects whose mapped Alphabet objects are no longer available.

    For these objects, the Alfabet - Deletion candidate attribute (AT_ALFA_DELETE_CANDIDATE, 4152) is set to true.

    Delete objects

    Deletes ARIS objects whose mapped objects no longer exist in Alfabet.

    This cannot be undone.

    Connections

    Do not change

    If connections between Alfabet objects were modified or deleted in Alfabet, these connections remain unchanged in the ARIS database.

    Delete mapping

    Deletes mappings from ARIS connections whose corresponding connections no longer exist in Alfabet.

    This cannot be undone.

    Mark connections as deleted

    Identifies all ARIS connections whose related Alphabet connections are no longer available in Alfabet.

    For these connections, the Alfabet - Deletion candidate attribute (AT_ALFA_DELETE_CANDIDATE, 4152) is set to true.

    Delete connections

    Deletes ARIS connections whose related connections no longer exist in Alfabet.

    This cannot be undone.

  7. Click Test connection to validate the specified values.

  8. If the test was successful, click Save to close the dialog.

The database is connected to the Alfabet system.

ARIS Administration also provides command-line tools for administration.

ARIS provides a set of command-line tools that can be used to perform administrative operations.

There are always at least two tenants, the tenant default and the tenant master. Most command-line operations require user authentication. The provided user must have sufficient permissions to perform the requested operation, for example, a tenant create, read, update or delete can only be performed by administrators of tenant master.

  • ARIS must be running.

  • The command-line tools must be executed in the following path:

    ARIS installation path>/server/bin/work/word_umcadmin_< your installation size, for example, s,m, or l>/tools/bin for Windows® operating systems

    and

    ARIS installation path>/cloudagent/bin/work/word_umcadmin_< your installation size, for example, s,m, or l>/tools/bin for Linux operating systems.

The following command-line tools are provided:

For more information about parameters and commands please type the tool name followed by /? or -?, for example y-datadump.bat -?.

For Unix operating systems, command-line tools (sh files) can only be started by the aris10 user, for example, enter: su -c y-datadump.sh aris10.

The following command-line tools are provided:

ARIS Server Administrators

ARIS server administrators monitor the system and manage ARIS server and tenant data using different tools:

ARIS System Monitoring

The monitoring of physical resources is important to keep ARIS running properly. You can monitor the system using the ACC interface or ACC commands.

ARIS Server Administrator command-line tool

The command line tool ARIS Server Administrator is available if you have installed ARIS server or the ARIS Administrator Tools (see Technical Help ARIS client Installation Guide. You can open or download documents and the Technical Help from the Documentation Web site. Documentation is also contained in the ARIS installation package that is available in the ARIS Download Center.

If you have installed ARIS server, navigate to ARIS installation path>\server\bin\work\work_abs_<s, m, or l>\tools\arisadm and run the batch file.

On Linux operating systems ARIS Server Administrator (arisadm.sh) is available if the aris10adm-<number>-1.x86_64 file was installed (see ARIS server Installation - Linux).

You can start ARIS Server Administrator from any client computer and access the databases on the server:

  1. Click Start > Programs > ARIS > Administration > ARIS Server Administrator 10.0 if you accepted the program group suggested by the installation program. Under a Linux operating system, execute the arisadm.sh shell script instead. To do so, enter: su -c arisadm.sh aris10. The command prompt opens and ARIS Server Administrator is launched in interactive mode.

  2. Establish a connection to the ARIS server and tenant:

    Syntax: server <ARIS server name>:<port number> <tenant> <user name> <password>

    Example: server arissrv:1080 default system manager or server arissrv:443 default system manager -ssl

ARIS Server Administrator is connected to the server.

Enter help or help <command> to get information about the usage of the commands.

Use the console application ARIS Server Administrator to back up or restore a tenant configuration or to manage the ARIS databases of a tenant, for example. The individual commands are transferred as command line parameters. The program provides information on the success and effect of each command executed.

You can start ARIS Server Administrator from any computer on which the ARIS client is installed either in interactive mode or command-line mode. In command-line mode you can perform actions automatically as there are no prompts in this mode. If you log in as a system user that has at least the Database administrator function privilege in ARIS Administration for each tenant, you can manage all databases of this tenant.

You start interactive mode by clicking Start > Programs > ARIS > Administration > ARIS Server Administrator 10.0.

You start command-line mode by opening the command prompt from the directory <ARIS installation directory>\tools\ArisAdm.

You can use the following commands and options for the syntax of command-line mode:

<_arisadm><version>.exe [<option>] <command> [<command argument 1>]

or for the syntax of interactive mode:

<command> [<command argument 1>]

  • If you use values with special characters (example: & in the password), you must enclose the value in quotes. For additional information, please refer to the help and support center for your operating system.

  • On the server, system messages in ARIS Server Administrator are always output in the ARIS installation language.

  • For example, if you use scripts for daily backups, we strongly recommend that you protect these scripts at the operating system level, or enter passwords encrypted.

Option

Description

-s <server[:<port>]>

Server on which the command should be carried out.

-u <user> <password>

User name and password of a system user with the required privileges.

-l <file name>

Enables the logging of all program operations in the specified log file. The file indicates which operation was performed at what time and with what result.

-enc IBM<code page number>

Specifies a code page to display diacritical characters correctly. If you do not enter an option parameter, the original character set of IBM PC 437 is used.

If diacritical characters, such as é, ó or ñ used in Spanish, Portuguese or French are displayed as é, ó, or ñ, enter the option -enc IBM850.

If problem occur in other languages, try other code page numbers, such as:

850 Multilingual (DOS-Latin-1), Western Europe

720 Arabic alphabet

737 Greek alphabet

775 Estonian, Lithuanian, and Latvian alphabet

852 Slavic languages (Latin-2), Central and East Europe

855 Cyrillic alphabet

857 Turkish alphabet

-cf <command file>

Starts a command file containing executable commands.

-sc <schema context>

Context the schema uses. ARIS is set as the default.

-t <tenant>

Tenant for which the command should be carried out. The default is no tenant.

-ssl

The SSL connection used.

Replace the text surrounded by <pointed brackets> by your individual values. The parts of the command that are surrounded by [brackets] are optional. You can use them if necessary. Default commands are listed below. Advanced commands are described in related documents if required.

Command

Description and syntax

backup

Saves a database <dbname> as an adb file in a directory <archivedir>.

If the backup is started using the -c option, saving the database to the backup file starts only after all ongoing operations, such as a merge procedure or an XML import, are complete.

Syntax

backup <dbname>|-c |all <archivedir> [-p <password for encryption>] [<alternatename>]

backupasn

Extracts the state that corresponds to the specified change list number <asn> from a versioned database <dbname> to an ADB file in the directory <archivedir>. You can select either a change list number <asn> or 'head' as a state. 'head' represents the last versioned state

Syntax

backupasn <dbname>|all <archivedir> <asn>|head [-p <password for encryption>] [<alternatename>]

backupsystemdb

Saves the central system database that contains data such as filters, model templates, and scripts in an ADB file in a directory <archivedir>.

Syntax

backupsystemdb <archivedir> [<alternatename>]

backupunversioned

Saves a versioned database <dbname> as a non-versioned ADB file in a directory <archivedir>.

Syntax

backupunversioned <dbname> <archivedir>

clearchartdata

Removes statistics data that is used, for example, to generate charts displayed in ARIS Administration > Charts > Modeling. You can remove statistics data for one or all databases entirely or ahead of a certain date. The date must be given as dd/mm/yyyy.

Syntax

clearchartdata <dbname> [date]

<dbname>: If you enter the name of a database, only statistic data of this specific database is deleted.

all: Deletes statistic data of all databases on this tenant.

date: Deletes statistic data from a certain date [dd/mm/yyy].

copy

Copies a database from <fromdbname> to <todbname>.

Syntax

copy <fromdbname> <todbname>

createdb

Creates a new ARIS database with the name <dbname>.

Syntax

createdb <dbname> [versioned]

delete

Deletes the database <dbname>. When using the force option, the database will be deleted even if users are logged in.

Syntax

delete <dbname>|all [force]

dropversions

Deletes all versions of a database <dbname> up to the version <new min version>.

Syntax

dropversions <dbname> <new min version>

encrypt

Encrypts passwords <password> for use in batch files.

Syntax

encrypt <password>

exit

Exits the interactive mode.

exportscript

Exports a script of type <MACRO|REPORT|REPORTTEMPLATE|SEMCHECK|PROFILE> with the identifier <scriptid> to an export directory <exportdirectory>.

Syntax

<MACRO|REPORT|REPORTTEMPLATE|SEMCHECK|PROFILE> <scriptid> <exportdirectory>

help

help provides an overview of all commands including syntax description and possible parameters. help <command> provides help for the command you specified.

Syntax

help [<command>]

importfilter

Imports a method filter <importfile>.

Syntax

importfilter <importfile>

importscript

Imports a script <importfile> of type <MACRO|REPORT|REPORTTEMPLATE|SEMCHECK|PROFILE> in the specified category <categoryname>.

Syntax

importscript <MACRO|REPORT|REPORTTEMPLATE|SEMCHECK|PROFILE> <importfile> <categoryname>

indexstate

Displays the status of the internal cloud search data index.

Syntax

indexstate <database name>

interactive

Starts the program in the interactive mode.

kill

Closes the connection <sessionid> of the current tenant.

Syntax

kill <sessionid>|all

killtask

Terminates the given server activity <taskid> on instance <instanceid>, for example, a report that is unable to complete.

Syntax

killtask <instance id> <task id> [force]

To obtain the <instanceid> and <taskid> identifiers, use the monitor command.

list

Lists all of the tenant's registered databases. By default, only the databases of the current schema context will be listed. When using the all option, all databases will be listed (including BO databases, for example).

Syntax

list [all]

lockdb

Locks the database with the name <dbname>, or all databases. Users can no longer log in.

Syntax

lockdb <dbname>|all

maintain

Starts the regeneration of search indexes (Cloud Search) for the specified ARIS database or all ARIS databases. Given the fact that running this command may be very time-consuming, it is recommended that you run it only if an error occurs and that you schedule a corresponding maintenance window.

Syntax

maintain <dbname>|all

maintainancemode

Indicates the current maintenance mode. maintenancemode on prevents ARIS server from automatically updating databases. This can help you reduce the downtime after an ARIS server update because time-consuming maintenance jobs are automatically stopped for all databases. If you use this option, make sure to run the maintain command manually for related databases if required. If you select maintenancemode off, all database maintenance jobs are run again.

Starts the regeneration of search indexes (Cloud Search) for the specified ARIS database or all ARIS databases. Given the fact that running this command may be very time-consuming, it is recommended that you run it only if an error occurs and that you schedule a corresponding maintenance window.

Syntax

maintain <dbname>|all

Syntax

maintainacemode on|off

no parameter: Reports the current mode.

on: Turns the maintenance mode on and prevents ARIS server from maintaining databases.

off: Turns the maintenance mode off and allows ARIS server maintaining databases automatically.

migrate

Migrates an ARIS 7.1 or 7.2 database <dbname> from an ADB file <archive>, or migrates all ADB files from a directory <archivedir>. You need the password of the system user system to migrate an individual database. To migrate multiple databases the passwords must be supplied to every single database in command-line mode. Use the -fv option (forward versioning) to store database versions only for ARIS versions prior to 10.0.14.

Syntax

migrate [<archive>|<archivedir>]|<systempassword> [-fv]

monitor

Displays all tenant activities in progress, such as backup, XML export etc.

rename

Renames the database from <olddbname> to <newdbname>. When using the force option, the database will be renamed even if users are still logged in.

Syntax

rename <olddbname> <newdbname> [force]

reorg

Semantically reorganizes the database <dbname> or all databases by deleting all objects and connection definitions that do not have occurrences in any model.

Options available:

  • CXNDEFS_IN_MATRIX_MODELS

    Connection definitions for which no occurrence exists are not deleted when used in models of type Matrix model.

  • USERDEF_CONTENT_SYMBOLS

    User-defined symbols that are not allowed by ARIS Method on the current server are replaced by the method-based default symbol.

  • USERDEF_CONTENT_MODELS

    User-defined models that are not allowed by ARIS Method on the current server are deleted.

  • USERDEF_CONTENT_ATTRS

    User-defined attributes that are not allowed by ARIS Method on the current server are deleted.

  • NO_DEFS

    If you do not set an option, object definitions for which no occurrence exists are deleted by default.

Syntax

<dbname>|all [options]

restore

Restores a database <dbname> from an ADB file <archive>, or restores all ADB/BDB files from a directory. Use the -fv option (forward versioning) to store database versions only for ARIS versions prior to 10.0.14.

Syntax

restore <archive>|<archivedir> [<dbname>] [-p <password for decryption>] [-b <bucket ID>] [-fv]

restoresystemdb

Restores the central system database that contains data such as filters, model templates, and scripts from a system database backup file (ADB) <archive>. You can also update the system database using the updatesystemdb command

After performing an update setup, update the system configuration of each operational tenant (filters, templates, and scripts) based on the supplied system database (<ARIS installation package>..\Content\SystemDB\*.adb). Any content you have created is retained.

Syntax

updatesystemdb <archive>

You can execute the command for several tenants at the same time.

Syntax

restoresystemdb <archive>

restoreunversioned

Generates a non-versioned database <dbname> from an ADB file <archive> of a versioned database. Also restores databases based on multiple ADB/BDB files of a directory.

Syntax

restoreunversioned <archive>|<archivedir> [<dbname>] [-p <password for decryption>]

restoreversioned

Generates a versioned database <dbname> from an ADB file <archive> of a non-versioned database. Also restores databases based on multiple ADB/BDB files of a directory. In case the option -no_baseline is specified, no initial version in archive is created. Use the -fv option (forward versioning) to store database versions only for ARIS versions prior to 10.0.14.

Syntax

restoreversioned <archive>|<archivedir> [<dbname>] [-p <password for decryption>] [-no_baseline] [-fv]

schemacontext

Changes the schema context of the current tenant. Possible value is aris.

Syntax

schemacontext <new schema context>

server

Changes the current ARIS server.

Syntax

server <server[:<port>]> <tenant> <user> [<password>] [-ssl]

sessions

Displays all database connections of the current tenant.

Syntax

sessions [byuser|bydatabase]

set

Displays or changes tenant settings. If no parameters are specified, all settings are displayed. If only <key> is entered, all settings are deleted. If <key> is entered together with <value>, the settings are changed accordingly.

Syntax

set [<key>] [<value>]

setindexbucket

Specifies the bucket ID for a database.

Syntax

setindexbucket <dbname> <bucket ID>

setindexrank

Sets the initial index rank for a database <dbname>. The higher the rank <rank>, the earlier the index is started during cloud search startup. The rank is a number, for example, 5.

Syntax

setindexrank <dbname> <rank>

statistic

Returns the number of all database objects.

Syntax

statistic <dbname>|all

threaddump

Triggers a thread dump on instance <instanceID>. An instance ID can refer to a runnable, such as abs <s, m, or l> or report <s, m, or l>, or to a runnable type, such as abs or report.

The thread dump is written to the threaddump.log file.

Syntax

threaddump <instanceID>

unlockdb

Unlocks the database with the name <dbname>, or all databases.

Syntax

unlockdb <dbname>|all

updatesystemdb

After performing an update setup, update the system configuration of each operational tenant (filters, templates, and scripts) based on the supplied system database (<ARIS installation package>..\Content\SystemDB\*.adb). Any content you have created is retained.

Syntax

updatesystemdb <archive>

You can execute the command for several tenants at the same time.

userwipeout

Clears the user identification of one or multiple deleted users from one or all databases. The attributes Last modifier, Creator, and the user name in change list descriptions is set to unknown.

Syntax

userwipeout <dbname>|all [<user>][,<user>]

version

Displays the versions of the programs and libraries in use.

In the following example, a database is reorganized, whereby all of the objects and connections in the database that do not have an occurrence are deleted.

Warning

If you are using an object library, you should reorganize databases only when each object definition occurs in at least one overview model. If elements have already been created for later use but do not yet occur in models, these elements are deleted during the consolidation.

Reorganization in interactive mode

  1. Click Start > Programs > ARIS > Administration > ARIS Server Administrator 10.0. The MS DOS input window opens and ARIS Server Administrator is launched in interactive mode.

  2. Use the server command to connect to the relevant ARIS server:

    Syntax

    server <server name>[:<port number>] <tenant> <user name>

    The parts of the command that are surrounded by brackets are optional, that is, you can use them if necessary.

    Example

    server arissrv.eur.ag:80 default system

    The password is requested.

  3. Enter the user's password. In this example, manager. The connection is established.

  4. Enter the command for the reorganization of the United Motor Group database:

    reorg "United Motor Group"

The database is reorganized. The deleted items are listed.

Reorganization in command-line mode

  1. Open the command prompt from the directory <ARIS installation directory>\tools\ArisAdm.

  2. Enter the command line parameters:

    Syntax

    arisadm<version> -s <server name> -t <tenant> -u <user name> <password> reorg <database name>

    Example

    arisadm.bat -s arissrv.eur.ag -t default -u system manager reorg "United Motor Group"

The database is reorganized. The deleted items are listed.

To obtain information on the ARIS Server Administrator commands, enter help or help <command>.

ARIS Cloud Controller (ACC) command-line tool

ACC is a command-line tool for administrating and configuring an ARIS installation. ACC communicates with the ARIS agents on all nodes. You can use it in multiple modes (see Technical Help ARIS Cloud Controller Command-Line Tool). You can open or download documents and the Technical Help from the Documentation Web site. Documentation is also contained in the ARIS installation package that is available in the ARIS Download Center.

ARIS Cloud Controller can be used in multiple modes.

To start ACC under a Windows operating system click Start > All Programs > ARIS > Administration > Start ARIS Cloud Controller. If you have changed agent user credentials you must enter the user name and/or the password.

To start ACC under a Linux operating system, execute the acc10.sh shell script instead. To do so, enter: su -c acc10.sh aris10.

Tenant Management

ARIS tenants are containers that provide their own ARIS Administration and ARIS data set, such as configuration, ARIS Method, databases, scripts, and so on. An ARIS server may have multiple tenants installed that access the functionality of the server, but their data is independent of each other.

After the installation of an ARIS server using the setup program two tenants are available:

  • The infrastructure master tenant manages administrative users and all other tenants.

  • The default tenant is available for operational use.

If you need additional operational tenants to provide different sets of databases, users, configurations or ARIS methods you can easily create them. Additional operational tenants require a new set of ARIS licenses. Licenses must be unique in all tenants.

If you have installed an ARIS server using an external database management system, all additionally created tenants are available as well. If you are going to create additional tenants for ARIS10.0 to migrate data from ARIS 9.8.7 or later, make sure to use identical names in both ARIS versions.

Administrators can manage tenants in different ways. For example:

Please make sure to manage users and licenses for all tenants.

This use case provides a comprehensive description of all procedures that administrators must carry out for a tenant so that all authorized employees can work with ARIS Architect. We recommend that you use ARIS Administration to manage users, user groups, privileges, licenses, documents, configurations, and processes in ARIS. This is what the use case is based on.

Scenario

After installation, the following system users exist: 'superuser' and 'system'. They are responsible for the user management of an activated tenant. The server was started, the password for the system user superuser has not been changed yet.

User management in ARIS Administration

Prerequisite

You have administrator function privileges.

Procedure

  1. Open ARIS Administration and log in as 'superuser'.

    1. Click Application launcher Application launcher > Administration Administration. ARIS Administration opens.

  2. Change the passwords for the users 'superuser' and 'system'.

    1. Change the passwords of the users superuser and system to prevent unauthorized access to the system. These users are created automatically after installation and have comprehensive function privileges and authorizations.

    2. Click the user whose password you want to change.

    3. Click Edit Edit.

    4. Enable the Change password check box. The Old password, New password, and Confirm password fields are displayed.

    5. Enter a new password, and reenter it. If you want to use the webMethods integration, passwords must not contain a colon.

    6. Click Save.

      The password is changed. The user receives a notification by e-mail.

  3. Import the license purchased.

    1. Click Licenses Licenses > Product.

    2. Click Import license file Import license file. The corresponding dialog opens.

    3. Select the relevant license file.

    4. Click Upload.

      The license file is transferred. It is shown how many licenses were imported, as well as which licenses could not be installed and why.

  4. Create users.

    1. Click Create user Add user. The Create user form opens.

    2. Enter the user name, first and last name, e-mail address, if applicable, and password. If no password was specified for the user, a password is automatically generated for the first login and sent to the user. After the first login, the password must be changed. If a user that already exists in the LDAP system is created, the user name must match. The e-mail address is transferred automatically. For the other specifications you can enter any characters you wish because this information will automatically be transferred from the LDAP system after the user is created.

      The user name does not necessarily have to correspond to a person's first or last name. To comply with the GDPR, a randomly selected character string is used, or an abbreviation of the first and/or last name.

    3. Click Save. The details view of the user is displayed.

      The user is created. If no password was specified for the user, a password is automatically generated for the first login and sent to the user. After the first login, the password must be changed.

  5. Alternatively, import LDAP users.

    1. Click Additional functions Additional functions.

    2. Click Start LDAP import Start LDAP import. The button is active only if an LDAP system is configured on the server.

    3. Select whether you want to import only users or user groups and associated users.

    4. Select if you want to use the default filter or create a custom one.

    5. Click Preview to check how many users or user groups are imported. The number is displayed, as well as up to 100 elements to be imported in alphabetical order.

    6. Click Start import.

      The users or user groups and associated users are transferred from the LDAP system according to the selected options.

  6. Create user groups.

    1. Click User management User management and select User groups. The list of user groups opens.

    2. Click User group Add user group.

    3. Enter the name of the user group and an optional description.

    4. Click Save.

      The user group is created.

  7. Alternatively, import LDAP user groups.

    1. Click Additional functions Additional functions.

    2. Click Start LDAP import Start LDAP import. The button is active only if an LDAP system is configured on the server.

    3. Select whether you want to import only users or user groups and associated users.

    4. Select if you want to use the default filter or create a custom one.

    5. Click Preview to check how many users or user groups are imported. The number is displayed, as well as up to 100 elements to be imported in alphabetical order.

    6. Click Start import.

      The users or user groups and associated users are transferred from the LDAP system according to the selected options.

  8. Assign a user group to the user.

    1. Click the user whose user group association you want to change.

    2. Click Associated user groups.

    3. Click Edit user group association Edit assignment. The Associate user groups dialog opens.

    4. Enable the check boxes of the relevant items in the Available user groups box, and click Right arrow Add. The user groups are transferred to the Associated user groups box.

    5. Click OK.

      The user group is assigned to the user.

  9. Assign function privileges to the user, if required.

    1. Click the user you wish to assign function privileges to. The user data is displayed.

    2. Click Privileges. The list of function privileges is displayed.

    3. Enable (Enabled) the check boxes of the privileges whose assignment you want to add.

      The user is assigned the selected privileges. This provides the user with privileges for functions (for example, the Database administrator function privilege).

  10. Assign license privileges to the user.

    1. Click the user you wish to assign license privileges to. The user data is displayed.

    2. Click Privileges. The list of function privileges is displayed.

    3. Click License privileges.

    4. Enable (Enabled) the check boxes of the privileges whose assignment you want to add.

      The user is assigned the selected privileges. This provides the user with access to the ARIS products relevant to him.

Users can now log in with their assigned privileges.

For each ARIS database, you can grant access privileges to user groups or users. Product-specific privileges are assigned in each ARIS product.

User management in ARIS Architect

Procedure

These actions can also be carried out by users with the Database administrator and User administrator function privileges.

  1. Start ARIS Architect.

  2. Log in as system user and connect to the default tenant.

    Please use the new password that you just changed in ARIS Administration. ARIS Architect starts.

  3. Create databases. All users with the Database administrator function privilege can do so.

    1. Click ARIS > Show Administration Administration or ARIS > Explorer Explorer.

    2. Click Navigation Navigation in the bar panel if the Navigation bar is not activated yet.

    3. In the Explorer tree, right-click your connection to the ARIS server and select New New > Database without versioning capability Database.

    4. Enter a name. Do not use any special characters.

    5. Enable the Versionable check box if you want the content of the new database to be versioned.

    6. Click OK. The database is created and displayed in the Navigation bar, either as a Database without versioning capability non-versionable or Versionable database versionable database.

      All users and user groups are automatically transferred from ARIS Administration.

    7. Assign access privileges.

    8. Assign function privileges to users and user groups.

    9. Assign filters to users and user groups.

    The database is available to authorized users.

  4. Assign access privileges for database groups. These actions can be carried out by all users with the User administrator function privilege.

    1. Click ARIS > Explorer Explorer.

    2. Log in to the database.

    3. Click Navigation Navigation in the bar panel if the Navigation bar is not activated yet.

    4. Right-click the group for which you want to edit the access privileges, and select Properties Properties.

    5. Click Access privileges (users) or Access privileges (user groups) on the Selection tab.

    6. Select the users/user groups for which you want to assign privileges.

    7. Select the required access privileges. You can assign Read (r), Write (w), and Delete (d) access privileges. The Version (v) access privilege is available for versionable databases only. The selection is displayed in the Privileges column.

    8. If you click the Pass on privileges button, the selected access privileges are applied to all subgroups. This also applies to all new subgroups created below this group in the future.

    9. Click OK.

    After the user logs in to the database again the changed access privileges will be in effect.

  5. Assign database-specific function privileges to users and user groups.

    1. In ARIS Architect, click ARIS > Show Administration Administration.

    2. Click Navigation Navigation in the bar panel if the Navigation bar is not activated yet.

    3. Log in to the database.

    4. In the Navigation bar, click Users Users or User groups User groups.

    5. In the table, right-click the user or user group, and select Properties Properties.

    6. Click Function privileges on the Selection tab.

    7. In the Assign column, click the relevant function privileges. You can assign only function privileges that are assigned to you, too.

      You cannot change function privileges for system users.

      If you selected User in the Navigation bar and are logged on as system user, you can enable the System user check box. This user receives all function and access privileges.

    8. Click OK.

    The function privileges are now assigned for this database.

    For users to be able to view specific content of the database, you assign access privileges to them.

  6. Assign filters to users and user groups.

    1. In ARIS Architect, click ARIS > Show Administration Administration.

    2. Click Navigation Navigation in the bar panel if the Navigation bar is not activated yet.

    3. Log in to the database.

    4. In the Navigation bar, click Users Users or User groups User groups.

    5. In the table, right-click the user or user group, and select Properties Properties.

    6. Click Method filter on the Selection tab.

    7. In the Assign column, enable the checkboxes of the relevant filters.

    8. Click OK.

    The selected filters are assigned. Users can now log in using these filters.

    You can select a default filter for each database. This filter is automatically assigned when you create users and user groups.

All users with the corresponding privileges can work with ARIS Architect.

For new databases, these privileges must be assigned by authorized users.

ARIS video tutorial

ARIS Architect 'Administration' tab versus ARIS Administration (approx. 1 minute)

You can use only one license type for each product. Exceptions are the Named user and Cross-client license types.

License types for client products

The license types for client products must be assigned manually to users or user groups. You can increase the number of licenses by installing additional licenses.

Named user

Users assigned to this license type have guaranteed login as the license is registered in their name. The number of licenses that can be assigned is specified in the license file.

Concurrent user

For this license type, the number of users who can log in at the same time is specified. The assigned users share the available licenses. If the number of users logged in is the same as the number of available licenses, no other users can log in. The user must wait until another user logs off. However, the administrator can end the sessions of users.

Difference between 'Named user' and 'Concurrent user' license type

Concurrent user

Named user

Assignment

Via user or user group

Via user or user group

License volume

Unlimited

Limited number

Guaranteed login

No

Yes

Term of guaranteed login

Current session

Unlimited

Cross-client

This license type corresponds to a license of the Named user type. However, it can be imported and used for various tenants. It is intended for administrators who manage several tenants. The assigned users can log in with all tenants.

Server licenses

The license types for server products are activated automatically after the import.

Dependencies within privileges

  • There are certain license privileges that you cannot assign to a user in combination with others. For example, you cannot assign ARIS Architect and ARIS Designer to a user at the same time.

  • You can only activate the subgroups of a license privilege if the superior license privilege is activated. If you remove a superior license privilege of a user, the user also automatically loses the assignment to the subgroups.

ARIS document storage command-line tool

ARIS document storage provides a set of command-line tools that can be used to perform administrative operations.

  • ARIS must be running.

  • The command-line tools must be executed in the following path:

    <ARIS installation path>/server/bin/work/work_adsadmin_<your installation size, for example, s,m, or l>/tools/bin for Windows® operating systems

    and

    ARIS installation path>/cloudagent/bin/work/work_adsadmin_<your installation size, for example, s,m, or l>/tools/bin for Linux operating systems.

Please use y-admintool.bat for Windows operating systems and y-admintool.sh for Unix operating systems. For Unix operating systems, command-line tools (sh files) can only be started by the aris10 user, for example, enter: su -c y-admintool.sh aris10.

Example

y-admintool.bat -s http://my_aris_host.com:1080 -umc http://my_aris_host.com:1080 -t default bulkimport -u system -p manager -path d:\my_documents

General usage

Options

Description

-?, -h, --help

Show help, default: false

-s, --server

URL of ARIS document storage

-t, --tenant

ID of the tenant. The default value is default.

-umc, --umcserver

URL of User Management

Commands

Description

Parameters

adjustTimestamps

Modifies the time stamp that is set while creating or updating documents and folders.

The timestamp is modified for all documents and folders on a tenant.

Usage: adjustTimestamps [options]

--password (-p) <PASSWORD>. The default password is manager.

--user (-u). The default user name is system.

* -offset

Offset to add (+) or to remove (-) in minutes, for example:

"-210". The default value is "0".

anonymize

Anonymizes the user information for documents and folders

Usage: anonymize [options]

This is compliant to GDPR. The General Data Protection Regulation (GDPR) protects individuals’ personal data within the European Union. It also regulates the export of personal data outside the EU. GDPR is a regulation by the European Parliament, the Council of the European Union, and the European Commission.

--password (-p) <PASSWORD>

Password of the executor. The default password is manager.

By default, no access privileges are defined in ARIS document storage. All users have access to all folders - including the root folder - and documents. You can limit the access to individual folders of ARIS document storage so that not all ARIS document storage users can access all folders and their contents.

Please note:

If you delete only one user from the user list or from user groups that have access to the folder and then anonymize the folder data, all actions related to the folder data are anonymized. This means that the anonymization does not only affect the data of the deleted user.

Before you delete a user, get the user ID of a specific user from the user details in the user management.

* -n, --name

Name of the user or user group

* -type, --type

Type of the user or user group

-u, --user

User name

Password of the executor. The default password is system.

The user name is replaced by the string anonymous.

bulkimport

Imports all files and folders from a specified directory to ARIS document storage. The folder structure of the source is retained.

Usage: bulkimport [options]

Alternatively, you can import large datasets to ARIS document storage using a report. To do so, contact your local Software AG sales organization.

-a, --attributes

Creates metadata for every uploaded document, for example: "description:initial upload for migration step|labels:big data,external,draft|source:sharepoint".

This example shows how to specify the Description attribute and that custom attributes are created if required attributes were not available by default (title, description, tags, owner). The character | is used to separate the values. However, it must not be used within a value.

--password (-p) <PASSWORD>

Password of the executor. The default password is manager.

--repository (-r) <Repository name>.

The default repository is the portal repository used in ARIS document storage or in the repository view in ARIS. The default value is portal.

You must specify the target repository only if you do not use the default repository.

A different repository could be the ARIS Risk and Compliance repository for example.

-sw, --stopwatch

Enables the benchmarking for bulk import of documents and folders.

The default value is false.

--user (-u) <USERNAME>

User name of the executor. The default user name is system.

-deltaimportfile

Delta import: If errors have occurred during an import, an importerrors.log file is created in the current working directory, for example, ../tools/bin/importerrors.log. To import the documents listed in the log file, specify the following:

-deltaimportfile "./importerrors.log".

In this case, the path parameter is ignored, and only the files specified in the importerrors.log file are imported.

-logfile

Specifies the name to be used for the log file when the loglevel parameter is set, for example, %LOGS%adsimport.log.

If nothing is specified, but logging is enabled using the loglevel parameter, the adsimport.log file is saved to the current working directory. The default value is adsimport.log.

-loglevel

Specifies the log level for the bulk import of documents. When set to standard, only document names and IDs are logged. When set to hyperlinks, the HTTP links of documents are also logged. The default value is none.

* -path

Directory path to be used for bulk import of documents, for example, C:/import/documents/. From the last folder specified, the folder structure is reproduced in the repository of ARIS document storage.

Example: If the source folder has the following structure C:/import/documents/folder1/folder2, running the command-line tool using the -path option will generate the structure documents/folder1/folder2 in ARIS document storage.

-overwrite

If this option is enabled (-overwrite true), existing documents and folders are deleted and newly created according to the specified directory structure.

* -path

The directory path to be used for the bulk import of documents, for example, C:/import/documents/. From the last folder specified, the folder structure is reproduced in the repository of ARIS document storage. Example: If the folder containing the documents to be imported has the following structure C:/import/documents/folder1/folder2, running the command-line tool using the -path option will generate the structure documents/folder1/folder2 in ARIS document storage.

-toplevelfolder

If this property is set, the top-level folder specified in -path parameter is ignored during import. If the documents to be imported are located at a level lower than a given folder mydocs, and, for example, the path /mydocs/folder1/folder2 is used with this option, only the structure of the folders subordinate to the mydocs level is mirrored during the import and created directly below the root directory in ARIS document storage. If this property is not set (which is the default), the top-level folder is mirrored as well in the ARIS document storage repository, that is, the entire structure /mydocs/folder1/folder2 is created below the root directory. The default value is false.

deleteAccessPrivileges

Removes all access restrictions from a specified folder.

Usage: deleteAccessPrivileges [options]

--folderId (* -f)

The folder ID is required to delete all access privileges.

--password (-p) <PASSWORD>. The default password is manager.

--user (-u). The default user name is system.

--user (-u) <USERNAME>

User name of the executor. The default user name is system.

-orphandata

Deletes the access privileges assigned to deleted user groups. The default value is false.

-passon

Deletes the access privileges from the folder hierarchically. The default value is false.

exportConfig

Exports the configuration of ARIS document storage.

Usage: exportConfig [options]

--file (-f)

Configuration file. The default value is adsConfig.properties.

--password (-p) <PASSWORD>. The default password is manager.

--user (-u). The default user name is system.

importConfig

Updates the configuration of ARIS document storage of this tenant.

Usage: importConfig [options]

--file ( -f)

The configuration file to be imported. The default value is adsConfig.properties.

--password (-p) <PASSWORD>. The default password is manager.

--user (-u). The default user name is system.

purgeAuditLog

Purges all audit logs for the administrator user based on the time range. The end date is mandatory. The date format is yyyy-MM-dd HH:mm:ss

Usage: purgeAuditLog [options]

Options:

-s: URL of the server

-t: ID of the tenant. The default value is default.

* -ed, --endDate

End date in format (yyyy-MM-dd HH:mm:ss)

-u, --user

User name of the executor, default: system

-p, --password

Password of the executor, default: manager

-sd, --startDate

Start date in format (yyyy-MM-dd HH:mm:ss)

Example

y-admintool.bat -s https://my_aris_host.com -t mytenant purgeAuditLog -sd "2021-05-22 00:00:00" -ed "2022-06-01 23:59:00" -u system -p manager

reindex

Re-indexes the ARIS document storage database.

Usage: reindex [options]

--password (-p) <PASSWORD>. The default password is manager.

--user (-u). The default user name is system.

thumbnails

Creates thumbnails for pictures.

Usage: thumbnails [options]

--password (-p) <PASSWORD>

Password of the executor. The default password is manager.

--repository (-r) <Repository name>.

The default repository is the portal repository used in ARIS document storage or in the repository view in ARIS. The default value is portal.

You must specify the target repository only if you do not use the default repository.

A different repository could be the ARIS Risk and Compliance repository for example.

--user (-u) <USERNAME>

User name of the executor. The default user name is system.

Process Governance command-line tool

Process Governance provides a set of command-line tools that can be used to perform administrative operations.

Warning

To avoid data inconsistencies and possible data loss, you must not perform any of the following activities in parallel, neither manually nor scheduled:

- Deleting any Process Governance process instance, process version, or process

- Archiving Process Governance process instances

- Backup/restore tenant (containing Process Governance or ARIS document storage data)

  • ARIS must be running.

  • The command-line tools must be executed in the following path:

    <ARIS installation path>/server/bin/work/work_apg_<your installation size, for example, s,m, or l>/tools/bin for Windows® operating systems

    and

    <ARIS installation path>/cloudagent/bin/work/work_apg_<your installation size, for example, s,m, or l>/tools/bin for Linux operating systems.

The following command-line tools are provided:

  • y-ageclitool.bat

  • y-export4ppm.bat

  • y-setenv.bat

    This command-line tool is called by the y-ageclitool.bat or y-ageclitool.sh and configures the environment as required.

For more information about parameters and commands please type the tool name followed by /? or -?, for example y-ageclitool.bat /?.

On Unix operating systems, only the aris10 user can start the command-line tools (sh files), except for the y-setenv.sh file. For example, enter: su -c y-ageclitool.sh aris10.

The following command-line tools are provided:

  • y-ageclitool.sh

  • y-export4ppm.sh

  • y-setenv.sh

    This command-line tool is called by the y-ageclitool.bat or y-ageclitool.sh and configures the environment as required.