Creating Users and Groups

yuuvis® RAD management-studio 10.x »

To create users and groups, follow these steps

  1. Open the organization management in yuuvis® RAD management-studio via the Main menu > Organization.
  2. The basic organization is shown as the top layer.

  3. Select the basic organization.
  4. Click Actions menu iconActions menu and select New user or New group.
  5. Enter properties.
  6. Mandatory fields are labelled as such.

  7. Click Add.
  8. The changes will be saved and deployed on the server.

Group Properties

Name

Mandatory field. The name must be unique. Max. 250 characters.

Backslashes are not permitted.

E-mail address Optional: E-mail addresses can be used for notifications.
Internet address Optional
Active

Active/Inactive

Disabled groups are not displayed as part of the organizational structure in yuuvis® RAD client.

Existing groups are activated or deactivated by clicking Actions menu iconActions menu.

User Properties

User name

Mandatory field. The user name must be unique. Max. 250 characters.

Backslashes are not permitted.

First name Optional
Last name Optional
E-mail address Optional: E-mail addresses can be used for notifications.
Internet address Optional
Password

Mandatory field. The password must be confirmed. Policies for length and complexity apply.

The password of a user can only be subsequently changed if the user is locked.

Active

Active/Inactive

Disabled users are not displayed as part of the organizational structure in yuuvis® RAD client.

Existing users are enabled or disabled by clicking Actions menu iconActions menu.

Present

Present/Absent

Substitute rules apply to absent users.

Locked

Locked/Not locked

Locked users are unable to log in but remain part of the organizational structure.

Blocked for number seconds Number of seconds for which a user is blocked before another login attempt is permitted.
Number of failed logins Number of failed login attempts after the last successful login.
Last failed login Time of the last failed login attempt with an incorrect password.
Last successful login Time of the last successful login.
Image

Optional: You can assign an image from the file system to users by double-clicking the icon.

Format: JPG or PNG; max. 512 KB

Users can also assign an image via the settings in yuuvis® RAD client.

Role Assignments

Roles consist of object type rights and functional rights and are set up in yuuvis® RAD designer.

Enter the required roles in the Assigned area of the Role assignment tab or select them from the role list.

Enter the roles that are not assigned in the Excluded area. A user will not be assigned excluded roles even if these roles are assigned to this user via another group.

In yuuvis® RAD management-studio, roles can also be assigned to users and groups via the Main menu > Rights. This way it is also possible to check for users and rules whose/which roles are assigned as a whole.

If users are assigned roles through which they become participants in processes, then they are displayed in yuuvis® RAD management-studio as participants for activities of running processes that were already made available, though they cannot find the activity in their inbox and carry it out. If roles are removed, activities that have already been made available remain displayed in the inbox, but cannot be executed.

Substitute Assignment

Users and groups can be assigned substitutes. Enter the relevant users in the Assigned area.

Affiliation

Users and groups can be included in multiple groups. Enter the relevant groups in the Is contained in area or delete groups from it.

For groups, enter the groups and users that the group is to include in the Contains area.

Affiliation When Creating Users and Groups

Users and groups that you create via the actions menu of the basic organization are assigned to it and displayed in a line below the basic organization.

You can also open a group by double-clicking it and create additional groups and users via the actions menu of this group. These groups and users will then be assigned to the group automatically and displayed linearly below this group. You can edit the affiliations.

Object Type Rights

The object type rights that result from the group and role assignments are displayed for users and groups. Object type rights with conditions are labeled.

Assigning/Unassigning a Named License

Via the Actions menu iconActions menu, users can be assigned a named license, which can be unassigned once again. The number of named licenses available is specified in the license. Licenses can only be assigned if there are named licenses available. Users with an assigned named license can be identified under the Actions menu iconActions menu by an icon.

You can open a list of users to whom a named license is assigned via the endpoint /organization/query:

http://<host-gateway>/rest-ws/swagger.html?urls.primaryName=OrganizationService#/Endpoints/findOrganizationObjects with the value true for the parameter namedonly.

The 'root' technical user is always assigned a named license regardless of how many named licenses are available.

Deleting Users and Groups

Deletion of existing users and groups is carried out via Actions menu iconActions menu.

The effects of deletion on business processes should be checked. Before deletion, users and groups can be deactivated so that no new data referring to these users and groups is created.

Existing users and groups are also deactivated via the actions menu.

The respective follow-ups, subscriptions, and favorites are automatically deleted when users are deleted. The locked objects of deleted users can be unlocked via yuuvis® RAD client using the “Unlock objects” functional right.

Actions of deleted users are still shown in histories with the user name. In such cases, an ID is appended to the user name. This means the user name can be reassigned after a user has been deleted.

Changing the User Name

If a user name is changed, the user’s saved searches must be adjusted accordingly. To do this, the following script can be run against the Elasticsearch database, for example, via postman:

POST enaioquery/_update_by_query{
  "script":{     
  "source": "ctx._source.user = \"NEW_USER_NAME\"",     
  "lang": "painless"   
  },
  "query": {
    "term": {
      "user":{         
      "value": "OLD_USER_NAME"       
      }    
     }
  }