...
Different roles can be set up as access groups, with a defined set of write and execute permissions for the applications. Each user can belong to one or several access groups. For more information regarding the user administration, see 6.1 Access Controller in the Desktop User's Guide.
Every time a user or an access group has been updated, a user event is created containing information regarding the changes. This is logged in the System Log, but can also be handled by the Event Notification. For further information, see 4. see Event Notifications, and 6.14 System Log in the Desktop User's Guide.
At installation, a default user called mzadmin and an access group called Administrator are created. The default user and any other user that belongs to the same access group will have full permissions in the system. You cannot delete the default user or access group. However, you can remove the permissions to use the Access Controller.
...
The Platform property mz.security.user.control.enabled will be set to same value as install.security. This property is used to enforce additional password rules. For further, see Enhanced User Security and Enhanced Security Password Rules in 6.1 Rules in Access Controller in the Desktop User's Guide.
If the password for mzadmin has been forgotten, it is possible to reset it with the Platform property mz.user.secret.unlock. For more information about how to reset the mzadmin password, see 2.9 see Resetting the mzadmin Password in the System Administrator's Guide.