Creating Internal Users πŸš€

Creating Internal Users

To create an internal user, go to Setup β†’ Users & Groups β†’ Internal Users β†’ New User.

In the dialog window that appears, fill in the fields in the two tabs:

  1. User Details: credentials and details of the user.

  2. Permissions: permissions granted to the user.

User Details:

Field
Description

NAME

Name of the user

SURNAME

Last name of the user

EMAIL

Email of the user

GROUPS

Group/s to which the user will belong

USERNAME (*)

Username to log into the application

PASSWORD / CONFIRM PASSWORD (*)

Password to log into the application. See the details in the Setting the password policy page.

ENABLED / DISABLED

The user can be enabled or disabled in the system

Setting Permissions

Parameter
Description (Value)

AUDITLOGSVIEW πŸš€

Permission to view audit logs. Users with this permission can access the audit menu and table (Can Read/Can Write)

AUDITLOGSMANAGE πŸš€

Permission to modify audit configurations (Can Read/Can Write)

A3

Permission to add and/or edit users and groups (Can Read/Can Write) The user must have this permission to access Data Mover

ACTORS

Permission to add and/or edit external users and groups (Can Read/Can Write)

APPLICATION-SERVER

Permission to read and/or write the logs on the back-end (Can Read/Can Write)

B2B-REPUTATION

Permission to view the ranking of an Actor, provided by Bitsign (Can Read)

BINDGROUPTOACTOR

Permission to bind groups from IAM or LDAP (Can Read/Can Write)

BINDUSERTOACTOR

Permission to bind users from IAM or LDAP (Can Read/Can Write)

CLUSTERS

Permission to edit infrastructure details within the Company profile (Can Read/Can Write)

COMPANY

Permission to read/edit company profile (Can Read/Can Write) The user must have this permission to access Data Mover

CONFIG

Permission to edit Advanced Settings (Can Read/Can Write) The user must have this permission to access Data Mover

CONFIGURATOR

Permission to import and/or export business object configurations (back-end) (Can Read/Can Write)

CONTRACTS

Permission to add and/or edit contracts (Can Read/Can Write)

CUSTOM-ATTRIBUTES

Permission to add custom attributes to Actor (back-end) (Can Read/Can Write)

DATAWATCHER

Permission to access DATA WATCHER (Can Read/Can Write) Important Note: This permission will be automatically available in new installations and in installations of Customers migrating from previous versions of the software. The read and write DATAWATCHER Permissions will be automatically set to ON for all users belonging to the Administrators’ group. All other Users will not have automatic access to DATA WATCHER and permission will have to be granted by the Administrator manually. πŸš€ Starting from TF8, new permissions have been added for Data Watcher when it is in a bundle with Data Mover. See DW* permissions below. To ensure compatibility with earlier versions of the software, the DATAWATCHER permission remains in the list and is only overwritten if at least one permission from the new list (i.e. the one starting with DW) is selected.

DMZ

Permission to edit DMZ infrastructure details (Can Read/Can Write)

DWFLOWATTRIBUTE πŸš€

Permission to edit/view flow attributes (Can Read/Can Write)

DWRUNSAVEDQUERY πŸš€

Permission to run a saved query (Can Read/Can Write)

DWATTRIBUTE πŸš€

Permission to view/edit attributes (Can Read/Can Write)

DWMODEL πŸš€

Permission to view/edit Dataflow models (Can Read/Can Write)

DWSAVEDQUERY πŸš€

Permission to view/edit saved queries (Can Read/Can Write)

DWFLOW πŸš€

Permission to view/edit all flow instances (Can Read/Can Write)

DWCUTOFF πŸš€

Permission to view/edit Cut-Offs (Can Read/Can Write)

DWCALENDAR πŸš€

Permission to view/edit Calendars (Can Read/Can Write)

DWRESUMEDATAFLOW πŸš€

Permission to resume Dataflows in the Dataflow Inquiry (Can Read/Can Write)

ENVIRONMENT

The user must have this permission to access Data Mover

FILERESOURCES

Permission to add/edit File Resource profiles (Can Read/Can Write)

GBI

Permission to invoke GBI services (back-end) (Can Read)

GROUPS

Permission to edit groups (Can Read/Can Write)

IDENTITY-ACCESS-MANAGEMENT

Permission to read/edit Identity Access Management (IAM) settings (Can Read/Can Write)

INCCALLS

Permission to configure incoming calls (Can Read/Can Write)

KEYSTORE

Permission to read/write keys in the system store (Can Read/Can Write)

LOCALNODES

Permission to see the configuration for Spazio2 (Can Read/Can Write)

LOCALPROTOCOLS

Permission to edit the protocol server infrastructure details (Can Read/Can Write)

METADATA

Permission to read file metadata (Can Read)

PERMISSIONGRANT

Permission to set the permission on users/groups and VFS (ACL) (Can Read/Can Write)

REMOTEPROTOCOLS

Permission to edit the details of the remote connection to Actors (Can Read/Can Write)

SPENG

Permission to invoke the API for Steng (Can Read/Can Write)

SPENGCEMANJOBCHANGEQUEUEOP

The user can change the execution queue of a suspended or submitted Job by using the change queue command (Can Read/Can Write) Note that the change queue option in the resume and abort and resubmit actions is not affected by this permission.

SPENGCEMANJOBS

The user can access the Jobs section of Data One (Can Read/Can Write)

SPENGCEMANJOBSABORTOP

The user can execute the abort action on a Job (Can Read/Can Write)

SPENGCEMANJOBSABORTRESUBMITOP

The user can execute the abort and resubmit action on a Job (Can Read/Can Write)

SPENGCEMANJOBSRESUBMITOP

The user can execute the resubmit action on a Job (Can Read/Can Write)

SPENGCEMANJOBSRESUMEOP

The user can execute the resume action on a Job, WITHOUT changing the status of the execution queue (Can Read/Can Write)

SPENGCEMANJOBSRESUMEQUEUEOP

The user can execute the resume action on a Job and change the status of the execution queue (Can Read/Can Write)

SPENGCEMANJOBSSUSPENDOP

The user can execute the suspend action on a Job (Can Read/Can Write)

SPENGJOBQUEUES

The user can access the Job Queues section of Data One (Can Read/Can Write)

STORAGECLASS

Permission to add/edit Storage Class profiles (Can Read/Can Write)

TMPOLICIES

Permission to add and/or edit the TMPolicy (Can Read/Can Write)

TRUSTSTORE

Permission to read/write keys or certificates of trusted SSH/SSL Actors in the system store (Can Read/Can Write)

UNTRUSTEDCACHE

Permission to read/write keys or certificates of untrusted SSH/SSL Actors in the system store (Can Read/Can Write)

UPLOAD

Permission to import files (Can Read/Can Write)

UPLOADTEMPLATE

Permission to import email templates (Can Read/Can Write)

USERCLASS

Permission to add/edit Retention Class profiles (Can Read/Can Write)

USERGROUPASSIGNMENT

Permission to add user to a group (Can Read/Can Write)

USERPUBKEY

Permission to associate a user with a key in the Trust Store (Can Read/Can Write)

USERS

Permission to manage internal and external users (Can Read/Can Write)

VFS

Permission to add/edit VFS profiles (Can Read/Can Write)

VFSEXPLORER

Permission to navigate the Virtual File System (VFS) via File Search functionality (Can Read)

WHO-DOES-WHAT

AUDIT for workflow (Can Read/Can Write)

WORKFLOW

Permission to add/edit workflows (Can Read/Can Write)

You can filter Permissions by their name in the Filter Permission edit box at the top of the panel.

Once you have created the User and configured its permissions, press Create.

Editing User Attributes

To Edit the attributes of a user, click the icon on the right of the screen. The dialog window with User Details and Permissions entered for the User will be loaded and you will be able to modify attributes as needed. Click Save to confirm your changes.

On the right of the screen, clicking the three-dot icon, the following options will appear:

UNBIND FROM REPOSITORY

Select this option, the user will no longer have access to external configuration of user permissions such as LDAP and IAM. Once selected, the user will be removed from the Result list. To bind the user again, select the BIND USER button.

DISABLE

Selecting this option, the user will no longer be able to authenticate in PRIMEUR Data Mover. Once confirmed, the entry will change to ENABLE.

DELETE

Select this option, the user will be removed from PRIMEUR Data Mover.

Importing Users

To import a user, go to Setup β†’ Users & Groups β†’ Internal Users β†’ BIND USER. In the drop-down list, select the user you want to import. When done, choose the BIND button to confirm.

A maximum of 10 Internal Users will be listed. If the Internal User you are looking for is not included in the list, enter the name of the User and run the search again.

Last updated