This section describes how to add organizations to CentraSite and perform administrative tasks on the organizations. It also describes how to manage users, groups and roles associated with the organization.
The content is organized under the following sections:
The CentraSite Business UI allows you to view, add, manage and delete organizations. Each organization that you add is stored in the CentraSite registry as an object of the type "Organization".
The typical information that you store for an organization includes:
general information about the organization, such as the organization's name, the description of the organization, the contact person for the organization and the address of the organization's web site.
the CentraSite users who belong to the organization, as well as any group or role assignments.
details of any child organizations of the organization.
Users with the "Manage Organizations" system-level permission (such as the users with the role CentraSite Administrator) can perform all of the above actions on any organization. Users with the "Organization Administrator" organization-level role for a given organization can perform all of the above actions on that organization.
The Manage Organizations activity allows you to view a list of the organizations that you are allowed to access. The list includes all organizations for which you are the owner. If you have the "Manage Organizations" system-level permission, the list includes all of the organizations defined in the registry.
To view the list of organizations
In the activity bar, click Manage Organizations.
When you do this, you see a list of all of the currently defined organizations. Also, the action bar shows the set of actions that are available for working with organizations.
For each organization, the list includes various attributes of the organization such as the organization name and the owner. You can adjust the view to show or hide any of the available attributes. To do this, open the drop-down list labeled View, then mark the checkboxes for any attributes that you want to include in the view, and unmark the checkboxes for attributes that you do not want to display.
Similarly, you can change the order in which the attributes are displayed. To do this, open the drop-down list labeled Show by. The list shows all of the attributes that currently selected in the View drop-down list. The order in which the attributes appear in the drop-down list Show by is the order in which the attributes appear for each displayed organization. If you want to change the order in which any given attribute is displayed, select the attribute in the drop-down list Show by, then use the arrows to move the attribute to the required position.
This section describes how to add an organization to CentraSite.
To add an organization to CentraSite
In the activity bar, click Manage Organizations.
When you do this, you see a list of all of the currently defined organizations. Also, the action bar shows the set of actions that are available for working with organizations.
Click .
This opens a dialog in which you can enter the required information for the organization.
Enter the appropriate information for each of the displayed data fields. To access a data field, click on the link for the field.
Each organization requires at least one administrator. The administrator receives all permissions required to perform any administrator-level operation on the organization.
The Administrator(s) field is a type-ahead field; as you enter characters in this field, the dialog shows you all known users whose user ID begins with the characters you have entered. If your user repository is based on LDAP, the search will look additionally for any user that has an LDAP attribute value that matches the characters you enter.
You can use wildcards in this field. For example "*abc" will find users with user IDs such as "org1abc" or "department52abc", or users with LDAP attributes that have these values. The wildcard "*" represents any number of characters; the wildcard "%" represents any single character.
The list of user IDs returned shows users who are already registered in the organization, as well as users in the user repository who are not yet registered as users in CentraSite. If you select one of the unregistered users, this user becomes a registered user in the organization and is assigned to be an administrator of the organization.
You can define more than one administrator for the organization. Use the button beside the field labeled Administrator(s) to add additional administrators.
Click to save the details.
To view or modify the details that you have stored for an organization, proceed a follows:
To view or modify an organization's details
Display the list of organizations, as described in section Displaying a List of your Organizations above.
In the displayed list, click the link of the organization whose details you want to view. This shows the details of the organization.
There are two levels of details provided:
Basic Information
This shows the standard information that you provide for any
organization, such as the organization's postal address, the web page URL, the
name of the organization's administrator, the primary contact person and a
general description of the organization.
You can expand or collapse the information displayed by clicking on the label Basic Information.
Advanced Information
This shows information about the organization's users, groups,
roles and child organizations. You can expand or collapse the information
displayed by clicking on the label Advanced
Information.
When the label Advanced Information is expanded, you see labels for the categories Child Organizations, Users, Groups, Roles. You can also expand or collapse these labels to display the details for each of these categories.
If you want to modify the organization's details that are displayed in the Basic Information section, click the Edit icon. You can then enter new values for the organization's fields.
Then click the Save icon to save the changes.
If you want to make changes related to the child organizations of an organization, follow the instructions in the section Working with Child Organizations.
This section describes how to delete an organization. You can also delete multiple organizations in a single action.
To delete an organization, you must have the "Manage Organizations" organization-level permission for this organization (the "Organization Administrator" role has this permission), or the "Manage Organizations" system-level permission (the "CentraSite Administrator" role has this permission).
If you want to delete an organization that has one or more child organizations, you must first delete the child organizations before you can delete the organization.
To delete an organization
In the activity bar, click Manage Organizations.
When you do this, you see a list of all of the currently defined organizations. Also, the action bar shows the set of actions that are available for working with organizations.
Mark the checkbox of the organization that you want to delete. If you want to delete more than one organization, mark the checkbox of each organization that you want to delete.
Click .
Each organization can have one or more child organizations, each of which in turn can also have child organizations, and so on. This allows you to model hierarchies such as, for example, when a large corporation consists of many independently operating companies that in turn have regional subdivisions.
The Business UI allows you to add, view, modify or delete an existing child organization.
To add a child organization
In the activity bar, click Manage Organizations.
When you do this, the action bar shows the set of actions that are available for working with organizations.
Select the organization where you want to add a child organization.
In the details page of the organization, click the icon.
Enter data for the fields displayed.
The fields displayed are the same fields as for the parent organization, so for a description of the fields, follow the instructions provided above for adding an organization.
To view or modify a child organization
In the activity bar, click Manage Organizations.
Select the parent organization that contains the required child organization.
In the Advanced Information section of the parent organization, select the child organization that you want to view or modify. The details of the child organization are now displayed.
If you want to modify the attributes of the child organization, as displayed in the Basic Information section, click the icon. You can then enter new values for the child organization’s fields. Then click the icon to save the changes.
To delete a child organization
First display the details page of the parent organization. In the display, there is a link labeled Child Organizations in the Advanced Information section. Click this link to see a list of all of the child organizations of this parent organization.
Move the mouse over the child organization you want to delete. This causes an icon to appear, that you can use for deleting.
Click the icon to delete the child organization.
The information in the Advanced Information section of the organization details lists the users, groups and roles that belong to the organization (as well as other information such as details of child organizations). The information is dynamically updated each time you refresh the display.
You can click on the Users, Groups and Roles tabs to expand or collapse the display for these categories.
When you expand a category, you can move the cursor over any of the displayed users, groups or roles. This causes one or more icons to appear, that allow you to perform an action on the selected user, group or role.
If, for example, you want to delete a user-defined user, group or role, then proceed as follows:
To delete a user, group or role at the organization level
Expand the Users, Groups or Roles tab as required.
Move the cursor over the user, group or role that you want to delete.
Click the Delete icon. This deletes the selected user, group or role.
Each user that you add within the context of a specific organization has permissions to access information within that organization, but does not have permission to access information belonging to any other organization.
You can add a user to an organization. The user must be already registered in the current default user repository.
To add a user to an organization
In the activity bar, click Manage Organizations and click on the organization where you will add the user.
In the actions bar for the organization, click .
This opens a dialog for adding a user.
Enter the user ID of the user in the search field.
If your current default user repository is LDAP-based, you can instead enter the value of any mapped LDAP property of the user you want to search for.
You can also specify just the first characters of the user ID or the LDAP property's value. In this case, CentraSite will find all users whose user ID begins with these characters, or all users who have at least one mapped LDAP property that begins with these characters.
Then click Search. CentraSite will display a list of users matching the search criteria.
Mark the checkbox for the user you wish to add, then click .
If you want to add more than one user, mark the checkbox of each user you want to add, then click .
If you want to view or modify the information stored for a user, proceed as follows:
To view or modify the details stored for a user
First display the details page of the organization to which the user belongs. Expand the link to see a list of all of the users belonging to this organization.
Click on the name of the user whose details you want to view.
This displays the following sections
Basic Information
This shows the information stored for the user, such as: the
user's name, user ID, email address, telephone and mobile numbers.
The data fields shown are selected according to the user's current display preferences. See the topic Setting User Preferences in the section Working with the Business UI for details.
You can expand or collapse this section by clicking on the label Basic Information.
Advanced Information
This shows information about assets that belong to the user.
When you click on the label Assets, you see a list of assets that the user owns.
In addition, it also shows the groups which the user is a member of, and the roles assigned to the user. The Roles category shows not only the user's roles but also the roles inherited through the groups of which the user is a member.
You can expand or collapse this section by clicking on the label Advanced Information.
If you want to modify the user details, click the icon. You can then enter new values for fields such as the user's first name, last name and the user's organization.
Then click the icon to save the changes.
There are two ways of adding a user to a group, namely from the user details view or the group details view. Details for adding a user from the group details page are provided in the section Adding a user to a group (from the group details view) below.
To add a user to a group from the user details page, proceed as follows:
To add a user to a group (from the user details page)
In the details page for the user, select the icon.
If you want to see a list of all defined groups, click the icon. You can also type the first few characters of the group name in the search field, then click the icon. This will display all groups whose name starts with the given characters. You can use wildcard characters ("*" or "%") in the search field.
You can sort the groups based on the name/description/organization of the group by using the Sort By chooser. You can also configure the group attributes that you want to view by using the View chooser.
In the list of displayed groups, select the group where you want to add the user.
You can add a user to more than one group. To do this, you can select several groups from the list.
When you delete a user from a group, you delete the association between the user and the group, but both the user and the group continue to exist.
There are two ways of deleting a user from a group, namely from the user details view or the group details view. Details for deleting a user from the group details page are provided in the section Deleting a user from a group (from the group details view) below.
To delete a user from a group from the user details page, proceed as follows:
To delete a user from a group (from the user details page)
In the details page for the user, open the tab.
In the list of displayed groups, move the cursor to the group from which you want to remove the user. This displays icons for one or more actions that you can perform on the group.
Click the icon. This removes the user from the group.
Note:
You cannot remove a user from pre-defined group such as
"Users" or
"Members".
To delete a user
Display the list of users currently defined for the organization.
See the section Viewing details of a user above for details of how to do this.
Move the mouse over the user you want to delete. This displays icons for one or more actions that you can perform on the user.
Click the icon. This deletes the user.
Note:
You cannot delete a user who is the only administrator or the
primary contact of the organization.
You can view or delete the assets of a user.
To view the assets of a user
Open the details page of the user.
Expand the Assets tab. This displays the assets owned by the user.
If you want to delete any of these assets, proceed as follows:
To delete an asset belonging to a user
View the list of assets belonging to the user, as described above.
Move the cursor over the asset you want to delete. This causes the icon to appear.
Click the icon.
You can define organization-specific groups. A group can contain users who are defined in different organizations.
To add a group to an organization
In the activity bar, click Manage Organizations and click on the organization where you will add the group.
In the actions bar for the organization, click .
Choose one of the following options:
If you want to add a new local group, enter the name of the group in the field labeled Create a new Group.
Then assign users to the group, as described below.
If you want to import a group from an external user repository, enter the name of the external group in the field labeled Import an external Group.
When you import an external group, you can also choose the option Import all group members as users. This ensures that all of the users defined in the external group are also added as users to the group in CentraSite. Since the group is assigned to a specific organization, the users will be assigned to the same organization.
A group can be empty. Each user can be assigned to zero, one, or more than one group.
To view or modify the details stored for a group
First display the details page of the organization to which the group belongs. Expand the link to see a list of all of the groups belonging to this organization.
Click on the name of the group whose details you want to view or modify.
This displays the following categories:
The group's basic details (group name, group description).
The users who belong to the group
Roles that have been assigned to the group.
If you want to modify the group's basic details, click the icon. You can then enter new values for the group's name and description fields.
Then click the icon to save the changes.
If the group is an external repository group, then the icon is disabled, since modifying an external repository group is not supported.
There are two ways of adding a user to a group, namely from the user details view or the group details view. Details for adding a user from the user details page are provided in the section Adding a user to a group (from the user details view) above.
To add a user to a group from the group details page, proceed as follows:
To add a user to a group (from the group details page)
In the details page for the group, select the icon.
If you want to see a list of all available users, click the icon. You can also type the first few characters of the user ID in the search field, then click the icon. This will display all users whose name starts with the given characters. You can use wildcard characters ("*" or "%") in the search field.
You can sort the users based on attributes, such as user name or the owning organization of the user, by using the Sort By chooser. You can also configure the user attributes that you want to view by using the View chooser.
In the list of displayed users, select the users you want to add to the group user.
You can add more than one user to a group. To do this, you can select several users from the list.
There are two ways of deleting a user from a group, namely from the user details view or the group details view. Details for deleting a user from the user details page are provided in the section Deleting a user from a group (from the user details view) below.
To delete a user from a group from the group details page, proceed as follows:
To delete a user from a group (from the group details page)
Open the details page for the group.
In the list of displayed users, move the cursor to the user that you want to remove from the group. This displays icons for one or more actions that you can perform on the user.
Click the icon.
To modify or delete a group
Display the list of groups currently defined for the organization.
See the section Viewing details of a group above for details of how to do this.
Move the mouse over the group you wish to modify or delete. This causes two icons to appear, one for modifying and one for deleting.
Click the appropriate icon for modifying or deleting the group.
If you delete the group, you delete all of the assignments of users to the group, but the users continue to exist without the group.
Note:
You cannot delete the "Users" or
"Members" groups of an organization. These are
pre-defined groups and are created automatically when an organization is
created. They will only be deleted if you delete the organization that they
belong to.
Roles can be assigned to users or groups defined in an organization. Users or groups who have roles receive all of the permissions associated with the roles.
To add a role to an organization
In the activity bar, click Manage Organizations and click on the organization where you will specify the role assignment.
In the actions bar for the organization, click .
In the data fields provided, specify the name of the new role and provide a description.
Also mark the checkboxes of all permissions that will be assigned to the role. The dialog offers only the permissions that are appropriate for the logged-in user. If, for example, you are a user with the role CentraSite Administrator, the dialog offers all available permissions (i.e. organization-specific and system-wide permissions), otherwise the dialog offers just the organization-specific permissions.
Click to save the role.
You can define a role without assigning it (yet) to a user or group. Each user or group can have zero, one, or more than one role assignments. See the section Assigning a role to a user or group for information about role assignments.
To view or modify the details of a role
First display the details page of the organization to which the role belongs. Then expand the link to see a list of all of the roles belonging to this organization.
Click on the name of the role whose details you want to view or modify.
This displays the following sections:
Basic Information
This shows the owning organization and the description of the
role.
Advanced Information
This contains the following information categories:
The users to whom the role has been assigned.
The groups to which the role has been assigned.
The permissions that have been assigned to the role.
You can expand or collapse these categories by clicking on the label Users, Groups or Permissions, as required.
If you want to modify the basic information of the role, click the icon in the actions bar. You can then enter new values for the fields.
If you are a user with the Organization Administrator role, you can make the following changes:
Role name
You can change the name of the role by entering a new name in the
Name field. If you had previously assigned the role to a
user or group, you will see the new name when you subsequently display the role
information for the user or group.
Role description
You can enter a new text in the Description
filed for the role.
If you are a user with the CentraSite Administrator role, you can additionally make the following change:
Owning Organization
You can change the organization to which the role belongs by
entering a new organization name in the Organization
field. This is only possible if the role is not already assigned to any user or
group in the current organization.
Then click the icon to save the changes.
To assign a role to a user or group
If you want to assign a role to a user, display the details page of the user.
If you want to assign a role to a group, display the details page of the group.
In the actions bar, click .
If you want to see a list of all available roles, click the icon. You can also type the first few characters of the role name in the search field, then click the icon. This will display all roles whose name starts with the given characters. You can use wildcard characters ("*" or "%") in the search field.
You can sort the roles based on the role attributes available with the Sort By chooser. You can also configure the role attributes that you want to view by using the View chooser.
Select the role that you want to assign to the user or group, then click .
There are two ways of deleting a role assignment from a user or group: (a) you can remove the role from the set of roles defined for the user or group, or (b) you can remove the user or group from the set of users and groups to which this role has been assigned.
Instructions for these two methods are as follows:
To delete a role from the set of roles assigned to a user or
group
Display the details page of the user or group.
See the section Viewing details of a user or Viewing details of a group above for details of how to do this.
Click the link to see the set of assigned roles for this user or group.
Move the mouse over the role assignment that you want to remove from this user or group. When you do this, a pop-up menu appears.
From the pop-up menu, click the icon for deleting the role.
To remove a user or group from the set of users and groups assigned
to a role
Display the details page of the role.
See the section Viewing or modifying details of a role above for details of how to do this.
Expand the or link to view the list of users or groups that have the role.
Move the mouse over the user or group where you want to remove the role assignment. When you do this, a pop-up menu appears.
From the pop-up menu, click the icon for deleting the user or group from the set.
If you delete a role assignment, the affected user or group loses the permissions associated with the role, unless the user or group has another role assignment that provides the same permissions.
The permissions originally assigned to a role are defined when you create the role (see the section Adding a role to an organization for details). If you wish to modify the permissions assigned to a role, proceed as follows:
To assign a permission to a role
First display the details page of the organization where the role is defined. Then expand the link to see a list of all of the roles belonging to this organization.
Click the role whose permissions you want to modify. This displays the details page of the role.
Click the Assign Permissions action.
In the list of displayed permissions, mark the checkbox of the permission that you want to assign to the role. Multiple selections are also possible.
Click to save your changes.
To remove a permission from a role
Display the details page of the role.
See the section Viewing or modifying details of a role above for details of how to do this.
Expand the link to view the permissions assigned to the role.
Move the mouse over the permission that you want to remove from the role. When you do this, a pop-up menu appears.
From the pop-up menu, click the icon for removing the permission.
If you no longer require a role that has been previously defined for an organization, you can delete the role, provided that it is not currently assigned to any user or group.
To delete the role, follow the instructions given in Operations on Users, Groups and Roles at the Organization level.
Note:
You cannot delete pre-defined system-wide roles from the Default
Organization.
