Create new access group, edit access group and delete access group can be performed in Access Controller desktop web UI. This required Write permission on Access Controller. Logged in user with Execute permission can only view access group.
Groups List
A list of access group in displayed when we click into Groups tab.
Administrator is a predefined access group. By default, this group has full access to all the activities and functions in the system and it cannot be deleted. You can only change the Access Controller permissions for the Administrator group.
Add Group
To add a new group to the system:
- Select the Groups tab.
- Click button.
- Fill in the details according to the description below and click Save button.
| Setting | Description |
|---|---|
Name | Enter the name of the group. Valid characters are: A-Z, a-z, 0-9, '-' and '_' |
Description | Descriptive information about the group. |
| Allow Access Through SCIM | Check to enable access through SCIM API. |
Application | This column is a list of the all applications in the system. |
Execute | Check to enable the members of the access group to start an instance of the relevant application or view the data. Clear to prohibit the access group members from using it. |
Write | Check to enable the members of the access group to edit and save a configuration within the relevant application. Clear to prohibit the user from doing so. Note! The main Desktop menu is divided into Configuration, Inspection, and Tools. Configuration enables you to create configurations. Inspection enables you to view data that is produced by workflows. Tools enables you to view data that is generated by the system. When you define an Access Group in the Access Controller, you can only check Write for Inspection- and Tools applications, so that users are able to manipulate data that is either generated by a workflow, or by the system. Configuration Write access is set per configuration from the Set Permissions view. For further information see Properties in Browser(3.2). |
A drop down menu that allows the user to filter on application type. Options are ALL, CONFIGURATION, INSPECTOR, TOOL, WEB, WEB_API. | |
Select All | Enables Write (if applicable) and Execute for all permissions in the chosen category. |
Disables Write and Execute for all permissions in the chosen category. |
For information about how to modify configuration permissions, see Browser(3.2).
Note: For LDAP user to login MZ, create same LDAP Group name in Access Controller Access Groups tab.
Access Controller - Add New Access Group screen
Edit Group
To add edit a group in the system:
- Select the Groups tab.
- Click button on the selected Group.
- Make changes and click Save button.
Note: Group Name is not editable.
Access Controller - Edit Access Group screen
Delete Group
To add edit a group in the system:
- Select the Groups tab.
- Click button on the selected Group.
- Click Delete button on the confirmation message.
Note: Administrator Group is not allowed to be deleted.
Access Controller - Delete Access Group confirmation message
Add Comment