Users and Groups
Overview
You can create any number of users and user groups for UDMG and you can assign any user to any user group.
The permissions assigned to each user and group determine the level of access to UDMG functions.
You can assign any permission to any user or any user group. If you assign a user to a group, the user inherits all permissions assigned to that group.
Default Users and Groups
Default User
The default user is admin. It is granted all permissions and assigned to the default group.
Note
When the UDMG Server is first started, a single user named 'admin' is created with the password 'admin_password'. The user has full administrative permissions and should only be used to create other users to administer the UDMG Server.
It is strongly recommended that you create one or more users immediately and then change the 'admin' account password.
In case you have lost or forgotten the 'admin' password, please refer to Recover/reset administrator access rights.
Default Group
The default user group is Generic.Ā It is assigned to the default Business Service and has no permission by default.
It is assigned to a user when no other user groups are explicitly assigned or when the last user group assignment is removed.
Adding a User
You must have Write User permissions to add users.
By default, a new user has no permissions. Until permissions are granted, users can log into the UDMG user interface and view options in the Menu but cannot perform any tasks.
User Details
The following User Details are for an existing user. See the field descriptions below for the fields displayed in the User Details.
User Details Field Descriptions
The following table describes the fields, buttons, and tabs displayed in the User Details.
Ā
Field Name | Description |
---|---|
Details | The section contains detailed information about the user. |
Username | Log in ID for the user. |
Password | Password of the user. Click the Change PasswordĀ checkbox to update the password value. |
Icons | The section identifies the icons displayed above and below the User Details that let you perform various actions. |
Save () | Saves the User record in the database. |
New () | Displays empty (except for default values) User Details for creating a new record. |
Delete () | Deletes the current record. |
Refresh () | Refreshes any dynamic data displayed in the User Details. |
Tabs | The section identifies the tabs across the top of the User Details that provide access to additional information about the user. |
User | Enter and display the username and password.Ā |
Permissions | Allows you to assign permissions to the user. |
Member of Group | Allows you to assign the user to one or more groups. |
Adding a User Group
You must have Write User permissions to add groups.
A group is a collection of users. You can assign privileges/permissions to groups or users.
Any user assigned to a group inherits permissions assigned to that group.
Group Details
The following Group Details are for an existing group. See the field descriptions below for the fields displayed in the Group Details.
Group Details Field Descriptions
The following table describes the fields, buttons, and tabs displayed in the Group Details.
Ā
Field Name | Description |
---|---|
Details | The section contains detailed information about the group. |
Name | Name of the group. |
Description | Description of the record. It can contain a maximum of 1,000Ā characters. |
Business Service | The name of the Business Service that is linked to the user group. The permissions defined for the group apply only to the records assigned to the Business Service. |
Icons | The section identifies the icons displayed above and below the Group Details that let you perform various actions. |
Save () | Saves the record in the database. |
New () | Displays empty (except for default values) Group Details for creating a new record. |
Delete () | Deletes the current record. |
Refresh () | Refreshes any dynamic data displayed in the Group Details. |
Tabs | The section identifies the tabs across the top of the Group Details that provide access to additional information about the group. |
Group | Enter and display the group name and description.Ā |
Permissions | Allows you to assign permissions to the group. |
Group Members | Allows you to assign users to the group. |
Assigning Users to Groups
You can assign users to groups from a User record and from a Group record.
StepĀ 1 | Open the User or Group record. |
---|---|
StepĀ 2 | Click the Group Members (or Member of Group) tab. Ā
|
StepĀ 3 | For a user:
For a group:
|
StepĀ 4 | To assign a user to a group, move the user/group from the left window to the right window:
To unassign the user to a group, move theĀ user/group from the right window to the left window:
|
StepĀ 6 | Click Save changes. |
Assigning Permissions to Users or Groups
Permissions control user access to specific types of UDMG records, such as server or partner, and the functions that can be performed for those record types, such as Create or Delete.
You can further narrow down which permissions are applied to each record with the creation of a Business Service and/or User Group. The User Group grants permissions to the object in the Business Service.Ā
The user permissions have the highest priority. For instance, if a user has Server Write permissions, then the user can always update any server without considering any Business Service or User Group permission.
This is to avoid a user lockout situation. If a user is locked out because of complex group permission records, the user can be unlocked by granting the relevant user permission.
To add permissions to a user or group:
StepĀ 1 | Open a User or Group record. |
---|---|
StepĀ 2 | Click the Permissions tab. A list of permissions assigned to the user / group displays. For example, for a Group record: |
StepĀ 3 | Select permissions for the selected user or group using the toggles.
|
Types of Permissions
This section identifies the different types of permissions that can be added to a user or group.
Permission Type | Description |
---|---|
servers | Handling of local Server records. |
sharedAccounts | Handling of Shared Accounts records. |
partners | Handling of Partner records. |
rules | Handling of Transfer Rule records. |
transfers | Handling of Transfers: Read: retrieve status of current or past transfer. Write: Initiate, pause, resume, cancel, or retry a transfer. |
users | Management of users and access rights. The permission applies for handling User, Group, and Business Service records. |
pgp | Handling of PGP Key records. |
administration | System Administration. |
audit | Handling of audit records. |