This use case provides a comprehensive description of all procedures that administrators must carry out for a tenant so that all authorized employees can work with ARIS Architect.
We recommend that you use ARIS Administration to manage users, user groups, privileges, licenses, documents, configurations, and processes in ARIS Connect. This is what the use case is based on. Using User Management is advisable only for users of ARIS Risk & Compliance Manager, ARIS Publisher, PPM, and MashZone.
Scenario
After installation, the following system users exist: 'superuser' and 'system'. They are responsible for the user management of all tenants. The server was started, the password for the system usersuperuser has not been changed yet.
Change the passwords of the users superuser and system to prevent unauthorized access to the system. These users are created automatically after installation and have comprehensive function privileges and authorizations.
Click the user whose password you want to change.
Click Edit.
Enable the Change password check box. The Old password, New password, and Confirm password fields are displayed.
Enter a new password, and reenter it. If you want to use the webMethods integration, passwords must not contain a colon.
Click Save.
The password is changed. The user receives a notification by e-mail.
Click Import license file. The corresponding dialog opens.
Select the relevant license file.
Click Upload.
The license file is transferred. It is shown how many licenses were imported, as well as which licenses could not be installed and why.
Create users or synchronize them from your LDAP system.
Click Add user. The Create user form opens.
Enter the user name, first and last name, e-mail address, if applicable, and password. If a user that already exists in the LDAP system is created, the user name must match. The e-mail address is transferred automatically. For the other specifications you can enter any characters you wish because this information will automatically be transferred from the LDAP system after the user is created.
The user name does not necessarily have to correspond to a person's first or last name. In many cases, a randomly selected character string is used, or an abbreviation of the first and/or last name.
Click Save. The detail view of the user is displayed.
Click the user whose user group association you want to change.
Click Associated user groups.
Click Edit assignment. The Associate user groups dialog opens.
Enable the check boxes of the relevant items in the Available user groups box, and click Add. The user groups are transferred to the Associated user groups box.
Click the user you wish to assign function privileges to. The user data (details) is displayed.
Click Privileges. The list of function privileges is displayed.
Enable/disable the check boxes of the privileges whose assignment you want to add/remove.
The user is assigned the selected privileges. This provides the user with privileges for functions (for example, the Database administrator function privilege).
Click Navigation in the bar panel if the Navigation bar is not activated yet.
Right-click the group for which you want to edit the access privileges, and select Properties.
Click Access privileges (users) or Access privileges (user groups) on the Selection tab.
Select the users/user groups for which you want to assign privileges.
Select the required access privileges. You can assign Read (r), Write (w), and Delete (d) access privileges. The Version (v) access privilege is available for versionable databases only. The selection is displayed in the Privileges column.
If you click the Pass on privileges button, the selected access privileges are applied to all subgroups. This also applies to all new subgroups created below this group in the future.
Click OK.
After the user logs in to the database again the changed access privileges will be in effect.
You have selected the appropriate perspective in the Perspective Wizard so that all relevant folders are displayed on the Administration tab.
You have selected the Configuration & Administration working environment in the Perspective Wizard.
You have the required privileges for the different tasks. The various privileges are listed in the procedure descriptions below.
Click Navigation in the bar panel if the Navigation bar is not activated yet.
Log in to the database.
In the Navigation bar, click Users or User groups.
In the table, right-click the user or user group, and select Properties.
Click Function privileges on the Selection tab.
In the Assign column, click the relevant function privileges. You can assign only function privileges that are assigned to you, too.
You cannot change function privileges for system users.
If you selected User in the Navigation bar and are logged on as system user, you can enable the System user check box. This user receives all function and access privileges.
Click OK.
The function privileges are now assigned.
For users to be able to view specific content of the database, you assign access privileges to them.
You have selected the appropriate perspective in the Perspective Wizard so that all relevant folders are displayed on the Administration tab.
You have selected the Configuration & Administration working environment in the Perspective Wizard.
You have the required privileges for the different tasks. The various privileges are listed in the procedure descriptions below.
Click Navigation in the bar panel if the Navigation bar is not activated yet.
Log in to the database.
In the Navigation bar, click Users or User groups.
In the table, right-click the user or user group, and select Properties.
Click Method filter on the Selection tab.
In the Assign column, enable the checkboxes of the relevant filters.
Click OK.
The selected filters are assigned. Users can now log in using these filters.
You can select a default filter for each database. This filter is automatically assigned when you create users and user groups.
All users with the corresponding privileges can work with ARIS Architect. For new databases, these privileges must be assigned by authorized users. Further procedure descriptions are available in the ARIS Administration help (<user names> > Help).