EBIFour.com Training Clarify QRGs Access Control – Creating a New Role
Access Control – Creating a New Role
4th June 2016
In a previous Quick Reference Guide, we discussed a new feature that was introduced in EBI 4.1 to enhance security to remote server environments called Access Control. Access Control allows you to create new accounts for each user, and establish permission based roles that allow the user to access only particular areas of the server environment, and grants access to reprocess logs, modify important values, and even to apply a license. For information on how to create an account, and establish a basic role to the account, click here.
In the references guide above, we chose between three different roles that are available. Those roles are:
- Admin –
This role contains all permissions available.
- SuperUser –
This role contains all permissions except the ability to modify user accounts
in Access Control.
- User – This role does not contain any special permissions.
A new account can use any of those three roles, or, a new role with identifying permissions can be created. A new role can be created for each user account created, identifying proper permissions. Or, a position-based role as per your company’s requirements can be created and attached to multiple users. To create a new role, follow these steps.
1.
Connect to your started EBI/Cleo Clarify Server
environment from the Cleo Clarify Studio. If prompted to login for the first
time, use the following login values:
a. Username: ebiadmin
b. Password: password
Note: You can use any login to modify Access
Control, so as proper administrative permissions are established to allow
modifications to Access Control accounts.
2.
Navigate to Admin Console | Access
Control.
3.
Below the Users
section, there are three tabs. Select
the Roles tab.
4.
In the Roles
section, click Add.
5.
In the New
Role popup, enter a Name and a Description of the role.
6.
Click OK.
7.
Select the new role that was created from the Roles section to display the Role Details section to the right.
8.
At this time, the new role does not have any
permissions established, and is also not attached to the desired amoore user
account that was previously created in a previous guide. You must still attach the new role to the
previous account.
To add a permission to the role, in the Permissions
section, click Add.
9. In the Select Permissions window, select the desired permission to add, and click OK.
Note: From this screen, you are able to control-click, or shift-click to
multi-select more than one value.
10. Verify that all the permissions are included to the newly created role.
At this point, we created a new role and attached associated permissions. As we previously mentioned, although it is created, no user account is currently using this new role at this time. To add a user account, you can do so either in the Users tab, and add that role to the proper user account. Or, you can add the user account to the proper role. To do so, follow these steps.
11.
In the Users
section in Role Details, click Add.
12. In the Select Users window, choose the desired user, or users by control-clicking or shift-clicking and click OK.
Note: A user account can have multiple
roles. And a role can have multiple
users. If there are roles created as per
your team’s infrastructure, you can create roles based on those team-based
positions. Such as, the Project Manager
who should have all permissions with perhaps the Access Control permissions. Or, a Team Lead, who may have all permissions
to deploy and install Projects to the server environment. Or, even a new hire role where permissions
only allow viewing of server logs. There
are many different roles that can be created, choose one that suits your needs.
By: Sean Hoppe on