For all ARIS products users are managed centrally within the user management. Using ARIS Server the user management is part of the ARIS Administration. The role specific data access is handled by license privileges and function privileges and database specific privileges managed within the ARIS Administration and database specific privileges and filters associated to users and user groups. These database specific privileges and filters are managed within ARIS Designer for each database of a tenant.
After the ARIS Server installation the superuser user can only login to the ARIS Administration. The initial password is superuser. Also the system user can do so, using the initial password manager. Both users hold sufficient permissions to manage users and licenses. The superuser user only has these permissions and cannot login to ARIS Download Client or ARIS Connect as no license can be assigned. The system user holds all permissions to manage all data in the system. This user only needs to get licenses assigned to do so.
If you are about to make the Tenant Management interface available, the superuser user needs additional permissions in the infrastructure tenant as well as in all operating tenants.
User management within the ARIS Administration
The ARIS Administration is a tool managing users, user groups, privileges, licenses, documents, and configurations for each tenant affecting all ARIS products. This ensures the single sign-on for various ARIS products. Users can also be imported from an LDAP system. ARIS Administration is available for users holding the User administrator and License administrator function privilege. Initially, only the administrative users superuser and system are available. These users are able to manage users for all tenants of your system. Users can also be managed using the command line tools of ARIS Administration.
If you have installed an ARIS Risk & Compliance Manager version, using its own ARIS Administration or you are using ARIS Publisher Server, you can force these components to use the ARIS Administration of the ARIS Server in order to manage users centrally. Therefore you must reconfigure ARIS Risk & Compliance Manager and/or force ARIS Publisher Server to use the specific ARIS Administration.
Administrators must perform these actions in order to allow access to ARIS:
Further information is available in the ARIS Administration's online help.
All users and user groups managed in the ARIS Administration are available in every existing or future databases of the tenant. In each database product specific privileges must be assigned in ARIS Designer. To do so,proceed as described in the chapter Managing Users of the ARIS Designer Online Help.
User management within ARIS Designer
While creating a database all users and user groups are imported from the ARIS Administration. To control data access and role specific actions administrators need to assign privileges and filters for each database.
Please make sure to have managed users and licenses before you manage users in ARIS Designer.
These actions can be performed by all users holding the function privileges Database administrator and User management.
All authorized users have access to licensed ARIS products.
Privileges and filters must be assigned for each additional database.
Further information is available in the ARIS Administration online help.