First of all there are some general tasks to set up, for example, importing the license files and configuring the address of your mail server.
Login as superuser or user with respective permissions to create user/groups and import license files.
Afterwards for the Model to Execute scenario you will need to create the user groups Process engineer, Process developer and arisservice in the Administration tool.
The Administration is web-based:
http(s)://<SERVERNAME>:<PORT>
Your changes will be saved in background automatically; there is no need to save your changes. But, on changes in Permissions and User Group assignment, the affected user(s) itself has to logout and login again to get the updated policies.