Creating Internal Users
Creating Internal Users
To create an internal user, go to Setup → Users & Groups → Internal Users → New User.
In the dialog window that appears, fill in the fields in the two tabs:
- User Details: credentials and details of the user.
- Permissions: permissions granted to the user.
User Details:
| Field | Description |
|---|---|
| NAME | Name of the user |
| SURNAME | Last name of the user |
| Email of the user | |
| GROUPS | Group/s to which the user will belong |
| USERNAME (*) | Username to log into the application |
| PASSWORD / CONFIRM PASSWORD (*) | Password to log into the application. See Setting the password policy. |
| ENABLED / DISABLED | The user can be enabled or disabled in the system |
Setting Permissions
Warning!
By default, all permissions are disabled!
Only Administrators can set and change permissions granted to users and groups.
| Parameter | Description (Value) |
|---|---|
| A3 | Permission to add and/or edit users and groups (Can Read/Can Write) The user must have this permission to access Data Mover |
| ACTORS | Permission to add and/or edit external users and groups (Can Read/Can Write) |
| APPLICATION-SERVER | Permission to read and/or write the logs on the back-end (Can Read/Can Write) |
| B2B-REPUTATION | Permission to view the ranking of an Actor, provided by Bitsign (Can Read) |
| BINDGROUPTOACTOR | Permission to bind groups from IAM or LDAP (Can Read/Can Write) |
| BINDUSERTOACTOR | Permission to bind users from IAM or LDAP (Can Read/Can Write) |
| CLUSTERS | Permission to edit infrastructure details within the Company profile (Can Read/Can Write) |
| COMPANY | Permission to read/edit company profile (Can Read/Can Write) The user must have this permission to access Data Mover |
| CONFIG | Permission to edit Advanced Settings (Can Read/Can Write) The user must have this permission to access Data Mover |
| CONFIGURATOR | Permission to import and/or export business object configurations (back-end) (Can Read/Can Write) |
| CONTRACTS | Permission to add and/or edit contracts (Can Read/Can Write) |
| CUSTOM-ATTRIBUTES | Permission to add custom attributes to Actor (back-end) (Can Read/Can Write) |
| DATAWATCHER | Permission to access DATA WATCHER (Can Read/Can Write) Important Note: This permission will be automatically available in new installations and in installations of Customers migrating from previous versions of the software. The read and write DATAWATCHER Permissions will be automatically set to ON for all users belonging to the Administrators’ group. All other Users will not have automatic access to DATA WATCHER and permission will have to be granted by the Administrator manually. |
| DMZ | Permission to edit DMZ infrastructure details (Can Read/Can Write) |
| ENVIRONMENT | The user must have this permission to access Data Mover |
| FILERESOURCES | Permission to add/edit File Resource profiles (Can Read/Can Write) |
| GBI | Permission to invoke GBI services (back-end) (Can Read) |
| GROUPS | Permission to edit groups (Can Read/Can Write) |
| IDENTITY-ACCESS-MANAGEMENT | Permission to read/edit Identity Access Management (IAM) settings (Can Read/Can Write) |
| INCCALLS | Permission to configure incoming calls (Can Read/Can Write) |
| KEYSTORE | Permission to read/write keys in the system store (Can Read/Can Write) |
| LOCALNODES | Permission to see the configuration for Spazio2 (Can Read/Can Write) |
| LOCALPROTOCOLS | Permission to edit the protocol server infrastructure details (Can Read/Can Write) |
| METADATA | Permission to read file metadata (Can Read) |
| PERMISSIONGRANT | Permission to set the permission on users/groups and VFS (ACL) (Can Read/Can Write) |
| REMOTEPROTOCOLS | Permission to edit the details of the remote connection to Actors (Can Read/Can Write) |
| SPENG | Permission to invoke the API for Steng (Can Read/Can Write) |
| SPENGCEMANJOBCHANGEQUEUEOP | The user can change the execution queue of a suspended or submitted Job by using the change queue command (Can Read/Can Write) Note that the change queue option in the resume and abort and resubmit actions is not affected by this permission. |
| SPENGCEMANJOBS | The user can access the Jobs section of Data One (Can Read/Can Write) |
| SPENGCEMANJOBSABORTOP | The user can execute the abort action on a Job (Can Read/Can Write) |
| SPENGCEMANJOBSABORTRESUBMITOP | The user can execute the abort and resubmit action on a Job (Can Read/Can Write) |
| SPENGCEMANJOBSRESUBMITOP | The user can execute the resubmit action on a Job (Can Read/Can Write) |
| SPENGCEMANJOBSRESUMEOP | The user can execute the resume action on a Job, WITHOUT changing the status of the execution queue (Can Read/Can Write) |
| SPENGCEMANJOBSRESUMEQUEUEOP | The user can execute the resume action on a Job and change the status of the execution queue (Can Read/Can Write) |
| SPENGCEMANJOBSSUSPENDOP | The user can execute the suspend action on a Job (Can Read/Can Write) |
| SPENGJOBQUEUES | The user can access the Job Queues section of Data One (Can Read/Can Write) |
| STORAGECLASS | Permission to add/edit Storage Class profiles (Can Read/Can Write) |
| TMPOLICIES | Permission to add and/or edit the TMPolicy (Can Read/Can Write) |
| TRUSTSTORE | Permission to read/write keys or certificates of trusted SSH/SSL Actors in the system store (Can Read/Can Write) |
| UNTRUSTEDCACHE | Permission to read/write keys or certificates of untrusted SSH/SSL Actors in the system store (Can Read/Can Write) |
| UPLOAD | Permission to import files (Can Read/Can Write) |
| UPLOADTEMPLATE | Permission to import email templates (Can Read/Can Write) |
| USERCLASS | Permission to add/edit Retention Class profiles (Can Read/Can Write) |
| USERGROUPASSIGNMENT | Permission to add user to a group (Can Read/Can Write) |
| USERPUBKEY | Permission to associate a user with a key in the Trust Store (Can Read/Can Write) |
| USERS | Permission to manage internal and external users (Can Read/Can Write) |
| VFS | Permission to add/edit VFS profiles (Can Read/Can Write) |
| VFSEXPLORER | Permission to navigate the Virtual File System (VFS) via File Search functionality (Can Read) |
| WHO-DOES-WHAT | AUDIT for workflow (Can Read/Can Write) |
| WORKFLOW | Permission to add/edit workflows (Can Read/Can Write) |
You can filter Permissions by their name in the Filter Permission edit box at the top of the panel.
Once you have created the User and configured its permissions, press Create.
Editing User Attributes
To Edit the attributes of a user, click the 
icon on the right of the screen. The dialog window with User Details and Permissions entered for the User will be loaded and you will be able to modify attributes as needed. Click Save to confirm your changes.
On the right of the screen, clicking the three-dot icon, the following options will appear:
| UNBIND FROM REPOSITORY | Select this option, the user will no longer have access to external configuration of user permissions such as LDAP and IAM. Once selected, the user will be removed from the Result list. To bind the user again, select the BIND USER button. |
| DISABLE | Selecting this option, the user will no longer be able to authenticate in PRIMEUR Data One. Once confirmed, the entry will change to ENABLE. |
| DELETE | Select this option, the user will be removed from PRIMEUR Data One. |
Importing Users
To import a user, go to Setup → Users & Groups → Internal Users → BIND USER. In the drop-down list, select the user you want to import. When done, choose the BIND button to confirm.
Tip!
A maximum of 10 Internal Users will be listed. If the Internal User you are looking for is not included in the list, enter the name of the User and run the search again.
Updated 1 day ago