Creating Internal Users 🚀
Creating Internal Users
To create an internal user, go to Setup → Users & Groups → Internal Users → New User.
In the dialog window that appears, fill in the fields in the two tabs:
User Details: credentials and details of the user.
Permissions: permissions granted to the user.
User Details:
NAME
Name of the user
SURNAME
Last name of the user
Email of the user
GROUPS
Group/s to which the user will belong
USERNAME (*)
Username to log into the application
PASSWORD / CONFIRM PASSWORD (*)
ENABLED / DISABLED
The user can be enabled or disabled in the system
Setting Permissions
By default, all permissions are disabled! Only Administrators can set and change permissions granted to users and groups.
AUDITLOGSVIEW 🚀
Permission to view audit logs. Users with this permission can access the audit menu and table (Can Read/Can Write)
AUDITLOGSMANAGE 🚀
Permission to modify audit configurations (Can Read/Can Write)
A3
Permission to add and/or edit users and groups (Can Read/Can Write) The user must have this permission to access Data Mover
ACTORS
Permission to add and/or edit external users and groups (Can Read/Can Write)
APPLICATION-SERVER
Permission to read and/or write the logs on the back-end (Can Read/Can Write)
B2B-REPUTATION
Permission to view the ranking of an Actor, provided by Bitsign (Can Read)
BINDGROUPTOACTOR
Permission to bind groups from IAM or LDAP (Can Read/Can Write)
BINDUSERTOACTOR
Permission to bind users from IAM or LDAP (Can Read/Can Write)
CLUSTERS
Permission to edit infrastructure details within the Company profile (Can Read/Can Write)
COMPANY
Permission to read/edit company profile (Can Read/Can Write) The user must have this permission to access Data Mover
CONFIG
Permission to edit Advanced Settings (Can Read/Can Write) The user must have this permission to access Data Mover
CONFIGURATOR
Permission to import and/or export business object configurations (back-end) (Can Read/Can Write)
CONTRACTS
Permission to add and/or edit contracts (Can Read/Can Write)
CUSTOM-ATTRIBUTES
Permission to add custom attributes to Actor (back-end) (Can Read/Can Write)
DATAWATCHER
Permission to access DATA WATCHER (Can Read/Can Write) Important Note: This permission will be automatically available in new installations and in installations of Customers migrating from previous versions of the software. The read and write DATAWATCHER Permissions will be automatically set to ON for all users belonging to the Administrators’ group. All other Users will not have automatic access to DATA WATCHER and permission will have to be granted by the Administrator manually. 🚀 Starting from TF8, new permissions have been added for Data Watcher when it is in a bundle with Data Mover. See DW* permissions below. To ensure compatibility with earlier versions of the software, the DATAWATCHER permission remains in the list and is only overwritten if at least one permission from the new list (i.e. the one starting with DW) is selected.
DMZ
Permission to edit DMZ infrastructure details (Can Read/Can Write)
DWFLOWATTRIBUTE 🚀
Permission to edit/view flow attributes (Can Read/Can Write)
DWRUNSAVEDQUERY 🚀
Permission to run a saved query (Can Read/Can Write)
DWATTRIBUTE 🚀
Permission to view/edit attributes (Can Read/Can Write)
DWMODEL 🚀
Permission to view/edit Dataflow models (Can Read/Can Write)
DWSAVEDQUERY 🚀
Permission to view/edit saved queries (Can Read/Can Write)
DWFLOW 🚀
Permission to view/edit all flow instances (Can Read/Can Write)
DWCUTOFF 🚀
Permission to view/edit Cut-Offs (Can Read/Can Write)
DWCALENDAR 🚀
Permission to view/edit Calendars (Can Read/Can Write)
DWRESUMEDATAFLOW 🚀
Permission to resume Dataflows in the Dataflow Inquiry (Can Read/Can Write)
ENVIRONMENT
The user must have this permission to access Data Mover
FILERESOURCES
Permission to add/edit File Resource profiles (Can Read/Can Write)
GBI
Permission to invoke GBI services (back-end) (Can Read)
GROUPS
Permission to edit groups (Can Read/Can Write)
IDENTITY-ACCESS-MANAGEMENT
Permission to read/edit Identity Access Management (IAM) settings (Can Read/Can Write)
INCCALLS
Permission to configure incoming calls (Can Read/Can Write)
KEYSTORE
Permission to read/write keys in the system store (Can Read/Can Write)
LOCALNODES
Permission to see the configuration for Spazio2 (Can Read/Can Write)
LOCALPROTOCOLS
Permission to edit the protocol server infrastructure details (Can Read/Can Write)
METADATA
Permission to read file metadata (Can Read)
PERMISSIONGRANT
Permission to set the permission on users/groups and VFS (ACL) (Can Read/Can Write)
REMOTEPROTOCOLS
Permission to edit the details of the remote connection to Actors (Can Read/Can Write)
SPENG
Permission to invoke the API for Steng (Can Read/Can Write)
SPENGCEMANJOBCHANGEQUEUEOP
The user can change the execution queue of a suspended or submitted Job by using the change queue command (Can Read/Can Write) Note that the change queue option in the resume and abort and resubmit actions is not affected by this permission.
SPENGCEMANJOBS
The user can access the Jobs section of Data One (Can Read/Can Write)
SPENGCEMANJOBSABORTOP
The user can execute the abort action on a Job (Can Read/Can Write)
SPENGCEMANJOBSABORTRESUBMITOP
The user can execute the abort and resubmit action on a Job (Can Read/Can Write)
SPENGCEMANJOBSRESUBMITOP
The user can execute the resubmit action on a Job (Can Read/Can Write)
SPENGCEMANJOBSRESUMEOP
The user can execute the resume action on a Job, WITHOUT changing the status of the execution queue (Can Read/Can Write)
SPENGCEMANJOBSRESUMEQUEUEOP
The user can execute the resume action on a Job and change the status of the execution queue (Can Read/Can Write)
SPENGCEMANJOBSSUSPENDOP
The user can execute the suspend action on a Job (Can Read/Can Write)
SPENGJOBQUEUES
The user can access the Job Queues section of Data One (Can Read/Can Write)
STORAGECLASS
Permission to add/edit Storage Class profiles (Can Read/Can Write)
TMPOLICIES
Permission to add and/or edit the TMPolicy (Can Read/Can Write)
TRUSTSTORE
Permission to read/write keys or certificates of trusted SSH/SSL Actors in the system store (Can Read/Can Write)
UNTRUSTEDCACHE
Permission to read/write keys or certificates of untrusted SSH/SSL Actors in the system store (Can Read/Can Write)
UPLOAD
Permission to import files (Can Read/Can Write)
UPLOADTEMPLATE
Permission to import email templates (Can Read/Can Write)
USERCLASS
Permission to add/edit Retention Class profiles (Can Read/Can Write)
USERGROUPASSIGNMENT
Permission to add user to a group (Can Read/Can Write)
USERPUBKEY
Permission to associate a user with a key in the Trust Store (Can Read/Can Write)
USERS
Permission to manage internal and external users (Can Read/Can Write)
VFS
Permission to add/edit VFS profiles (Can Read/Can Write)
VFSEXPLORER
Permission to navigate the Virtual File System (VFS) via File Search functionality (Can Read)
WHO-DOES-WHAT
AUDIT for workflow (Can Read/Can Write)
WORKFLOW
Permission to add/edit workflows (Can Read/Can Write)
You can filter Permissions by their name in the Filter Permission edit box at the top of the panel.
Once you have created the User and configured its permissions, press Create.
Editing User Attributes
On the right of the screen, clicking the three-dot icon, the following options will appear:
UNBIND FROM REPOSITORY
Select this option, the user will no longer have access to external configuration of user permissions such as LDAP and IAM. Once selected, the user will be removed from the Result list. To bind the user again, select the BIND USER button.
DISABLE
Selecting this option, the user will no longer be able to authenticate in PRIMEUR Data One. Once confirmed, the entry will change to ENABLE.
DELETE
Select this option, the user will be removed from PRIMEUR Data One.
Importing Users
To import a user, go to Setup → Users & Groups → Internal Users → BIND USER. In the drop-down list, select the user you want to import. When done, choose the BIND button to confirm.
Last updated
