Tenant Management tool

Tenant Management enables users to centrally manage all of a company's ARIS tenants on the infrastructure tenant.

If you installed ARIS using the ARIS Server setup program, the Tenant Management user interface is available. The Tenant Management user interface is run automatically with the user account of the superuser user. In order for other users to be able to log in, you must configure the infrastructure tenant. This assigns users in the infrastructure tenant privileges for impersonation, along with additional function privileges.

Once all operational tenants are configured, impersonation enables users to assume the account of the superuser system user in order to perform administration tasks. After the ARIS Server was updated, for all operational tenants make sure to specify superuser in the Impersonation target users field again.

If you want existing tenants that were not created using Tenant Management to be managed centrally, you have to adjust the configuration of these tenants.

All tenant data can be backed up from the running system manually or using a schedule.

If you back up tenants manually or use a scheduled backup, the current state of the following data is saved in backup lists.

Tenant data is fully backed up only if the user executing the commands has sufficient privileges for all components in every tenant and if all components were selected for the backup. Extensions, for example, TLS/SSL certificates, SAPĀ® Java Connector, and JDBC drivers, added using the enhance ACC command are not backed up. In ARIS 10 all started runnables are automatically taken into account when executing tenant backup/restore commands.

Content

Required function privileges

Component (runnable)

Data from ARIS Administration,

for example, users, privileges.

User statistics are not included by default. If you want to include the user statistics, the property User statistics in backup (com.aris.umc.user.statistics.backup) must be enabled in the configuration (see ARIS help: ARIS Administration > Configuration Configuration > User management > Security > Advanced settings).

User administrator

Technical configuration administrator

ARIS Administration/User Management

(umcadmin_<s, m, or l>)

Licenses

User administration audit events are not part of the tenant backup.

License administrator

System database

Contains filters, templates, and font formats, but also ARIS Method and all evaluation scripts, macros and scheduled reports.

Server administrator

Modeling & Publishing

(abs_<s, m, or l>)

ARIS databases

Database administrator

Ad hoc analyses and queries

Analysis administrator

Analysis

(octopus_<s, m, or l>)

ARIS document storage data, including Process Governance archives

Documents and access privileges

Document administrator

Technical configuration administrator

ARIS document storage

(adsadmin_<s, m, or l>)

Process Governance data

Process Governance administrator

Process Governance

(apg_<s, m, or l>)

Collaboration data

Collaboration administrator

Collaboration

(ecp_<s, m, or l>)

ARIS Risk and Compliance data

ARCM administrator

ARIS Risk and Compliance

(arcm_<s, m, or l>)

Dashboards and feeds

Dashboard administrator

ARIS Aware

(dashboarding_<s, m, or l>)

ARIS portal views, modification sets, and configuration sets.

Portal administrator

ARIS portal

(copernicus_<s, m, or l>)

Make sure to save backup files on external media, such as a NAS or file servers. You require the same function privileges to restore the data.

Users with appropriate privileges can back up all data from tenants using schedules. They thus create restore points. All data from the tenant is saved in a backup list.

If you back up tenants manually or use a scheduled backup, the current state of the following data is saved in backup lists.

Tenant data is fully backed up only if the user executing the commands has sufficient privileges for all components in every tenant and if all components were selected for the backup. Extensions, for example, TLS/SSL certificates, SAPĀ® Java Connector, and JDBC drivers, added using the enhance ACC command are not backed up. In ARIS 10 all started runnables are automatically taken into account when executing tenant backup/restore commands.

Content

Required function privileges

Component (runnable)

Data from ARIS Administration,

for example, users, privileges.

User statistics are not included by default. If you want to include the user statistics, the property User statistics in backup (com.aris.umc.user.statistics.backup) must be enabled in the configuration (see ARIS help: ARIS Administration > Configuration Configuration > User management > Security > Advanced settings).

User administrator

Technical configuration administrator

ARIS Administration/User Management

(umcadmin_<s, m, or l>)

Licenses

User administration audit events are not part of the tenant backup.

License administrator

System database

Contains filters, templates, and font formats, but also ARIS Method and all evaluation scripts, macros and scheduled reports.

Server administrator

Modeling & Publishing

(abs_<s, m, or l>)

ARIS databases

Database administrator

Ad hoc analyses and queries

Analysis administrator

Analysis

(octopus_<s, m, or l>)

ARIS document storage data, including Process Governance archives

Documents and access privileges

Document administrator

Technical configuration administrator

ARIS document storage

(adsadmin_<s, m, or l>)

Process Governance data

Process Governance administrator

Process Governance

(apg_<s, m, or l>)

Collaboration data

Collaboration administrator

Collaboration

(ecp_<s, m, or l>)

ARIS Risk and Compliance data

ARCM administrator

ARIS Risk and Compliance

(arcm_<s, m, or l>)

Dashboards and feeds

Dashboard administrator

ARIS Aware

(dashboarding_<s, m, or l>)

ARIS portal views, modification sets, and configuration sets.

Portal administrator

ARIS portal

(copernicus_<s, m, or l>)

Make sure to save backup files on external media, such as a NAS or file servers. You require the same function privileges to restore the data.

Any number of schedules can be created for each tenant. If you create a large number of schedules and backups, make sure the storage medium has sufficient capacity.

Prerequisites

  • The user name and password have been entered in the backup options.

  • The default location for saving backup files was changed to a different folder on a physical drive to prevent that files stored in the default location are automatically deleted when you perform an update setup.

Warning

To avoid data inconsistencies and possible data loss, you must not perform any of the following activities in parallel, neither manually nor scheduled:

- Deleting any Process Governance process instance, process version, or process

- Archiving Process Governance process instances

- Backup/restore tenant (containing Process Governance or ARIS document storage data)

Procedure

  1. Click Schedules. The schedules for all tenants are displayed.

  2. Click Create tenant Create schedule. The Create schedule dialog opens.

  3. Enter the description for the backup. This text makes it easier to select the relevant backup when restoring the tenant.

  4. Select the time for the automatic backup. You can set an automatic backup daily or on a particular day of the week. Select a time on the hour as the start time.

  5. Select the maximum number of backups to be saved in the tenant backup list for this schedule. If you select 10, a maximum of the 10 last versions can be restored.

  6. Select the tenant to be backed up.

  7. Click OK.

The schedule is created.

An additional backup is added to the tenant backup list at the specified time. If the selected number of backups already exists, the oldest is removed to free up space for the new backup.

See also

Restore tenants

If no content is displayed, add a node to manage tenants.

If you installed ARIS using the ARIS Server setup program, the Tenant Management user interface is available. The Tenant Management user interface is run automatically with the user account of the superuser user. In order for other users to be able to log in, you must configure the infrastructure tenant. This assigns users in the infrastructure tenant privileges for impersonation, along with additional function privileges.

Once all operational tenants are configured, impersonation enables users to assume the account of the superuser system user in order to perform administration tasks. After the ARIS Server was updated, for all operational tenants make sure to specify superuser in the Impersonation target users field again.

If you want existing tenants that were not created using Tenant Management to be managed centrally, you have to adjust the configuration of these tenants.