Creating and Managing Users

From ER/Studio Data Architect
Jump to: navigation, search

Go Up to Establishing Security for the Repository

Managing users entails creating, changing, and deleting user account permissions and logins, checking in a users checked out documents under unusual circumstances. You can control the privileges granted to a user for a specific diagram, model, submodel or Enterprise Data Dictionary by associating the user with a role. Using Roles, you can choose the permissions granted a user for the Repository item.

  • To access, create, update, and delete user information, a Repository administrator must have Repository Object Type Permission, Access Security Info and Update Security Info privileges.

Create, Edit, Delete, Deactivate, Reactivate, Log Out, and Check In Users

  1. Choose Repository > Security > Security Center.
  2. Click the Manage Users tab.
  3. On the Manage Users tab, you can manage users by clicking their name in the list and then clicking a management option and following the prompts as required.
  4. Continue making security changes and then click OK to exit the security center.
  5. To assign permissions to users, see Assigning a Role to a User/Group.
  6. Notify users that they must log out and then log in again to receive the security updates.

The following helps you complete the options of the Manage Users tab:

User Management area

Administrator User 'Force' Options area

Notes

User Management area

  • New: Click New to add a new user through the Create Repository User dialog.
  • Directory Service User: Select this option If you want the new user to login to the Repository using their Windows credentials. In this case ER/Studio Data Architect accesses the LDAP server on the network to verify the user's credentials. Directory service users can check the Log in using current Windows account option on the Repository login dialog to use their Windows user ID and password to log into the Repository.
  • Delete: Select a user and then click Delete to delete the user. You cannot delete the Admin user.
  • Deleting a user also deletes version history for that user, which means that version history for all actions done on various objects by that user will also be deleted. It may be advisable to instead deactivate the user. Deactivating a user does not delete their history.

Administrator User 'Force' Options area

When you use the Check In User option, you can choose how to handle the checked out objects.

  • Convert to non-exclusive: Enables the user to continue making changes to the checked out items. Other users can then check out the same items. When checking in non-exclusively checked out items, if the item was changed by another user since it was checked out, the user can resolve the differences and choose to override the other user's changes or to update his local version with the changes found in the Repository.
  • Undo Check Out: When the user next connects to the Repository, the status of his items will be updated to show that they are not checked out.

Notes

  • You cannot delete or deactivate the Admin user, but you should change the Admin password from the default, which is Admin.
  • The new user appears in the user list with a star indicating that this user does not yet have any roles assigned to it for any Repository items.
  • Users must log out and log in again to receive any security updates.
  • The Admin does not need to know the user's password to create a new password for the user.
  • The Admin can look to the Manage Users tab to find out which users are logged in to the Repository and whether or not they currently have items checked out. Knowing if users have items checked out is particularly useful when upgrading the Repository, because after before upgrading the Repository the users should check all their items in and then do a clean get and check out of the items when the upgrade is complete. Knowing which users are logged in is useful when changing security center settings because after making any setting changes, the Admin should request online users to log off and log in again to receive the security center updates.
  • The Administrator may want to user log a user out to receive security center updates. For example, a new diagram has been added to a project and the diagram shouldn't be accessible by all the users who have access to the project. The Administrator can make the necessary security changes for the project and then log out the users, forcing them to log in again to receive the security updates. Other unusual circumstances may arise when it is necessary for the Administrator to log a user out of the Repository.

Assigning a Role to a User

Assigning a role to a user grants the user all the permissions selected in the role.

  1. Choose Repository > Security > Security Center.
  2. Select a Repository item you want to assign permissions to.
    • If the user is not currently assigned a role, on the Repository Security tab, click the user name in the Available Users column and drag it onto a role name in the Available Roles column.
    • If the user was already assigned a role, on the Repository Security tab, click the user name the Available Roles column and drag it onto another role name in the Available Roles column.
  3. Click Apply and then click OK to exit the Security Center.
  4. Notify users that they must log out and then log in again to receive the security updates.

See Also

Personal tools
Product Videos