...
To be able to operate the system, you need to be defined as a user in the system. Your access to various 
applications is defined by the access group that you are assigned to. Execute permissions to prescribe how members of an access group can use a certain application. For applications that include configurable parameters, you need to delegate Write permission.
| Note |
|---|
Note!By default, members of the predefined group Administrator have full permissions for the Access Controller. You can enable these permissions for other groups if neededas well. When no members belong to in the Administrator group, all users with full permissions for the Access Controller will have Administrative Administration access. It is not possible to disable or delete the last active user with full permissions for the Access Controller. This is to prevent system lockout. Members that are not part of the Administrator group are will not be able to remove or modify the Administrator group or and any of its group members. Only one user can may use the Access Controller with write permissions at any given time. It is not possible to delete the last group with members that have full permissions for the Access Controller. This is to prevent system lockout.By setting the Platform property mz.security.user.restricted.login to true, access is restricted to one login for each interface type: Desktop Web InterfaceCommand Line Tool mzsh It is possible to use SCIM via the REST HTTP interface to POST, GET, DELETE, PUT , and PATCH user and group configurations.
|
...