Understanding Modelpedia Authorization

Similar documents
HUG038. Change Management User Guide. Holocentric User Guide

BMS Managing Users in Modelpedia V1.1

De La Salle University Information Technology Center. Microsoft Windows SharePoint Services and SharePoint Portal Server 2003

IBM Proventia Management SiteProtector Policies and Responses Configuration Guide

About SharePoint Server 2007 My Sites

Revision Markup User Guide

Kentico CMS 6.0 Intranet Administrator's Guide

ms-help://ms.technet.2004apr.1033/ad/tnoffline/prodtechnol/ad/windows2000/howto/mapcerts.htm

Introduction: User Privileges

Working with Groups, Roles, and Users. Selectica, Inc. Selectica Contract Performance Management System

IBM Security Identity Manager Version Administration Topics

HPE Intelligent Management Center v7.3

Creating an Analyst Viewer User and Group

ER/Studio Enterprise Portal User Guide

Table Of Contents. iii

Enterprise Architect. User Guide Series. Model Wizard

Manage Administrators and Admin Access Policies

Setting Access Controls on Files, Folders, Shares, and Other System Objects in Windows 2000

2554 : Administering Microsoft Windows SharePoint Services and SharePoint Portal Server 2003

Contents. Common Site Operations. Home actions. Using SharePoint

Admin Table is oftr Caoto ntr e s U ntsser Guide Table of Contents Introduction Accessing the Portal

Tzunami Deployer Confluence Exporter Guide

Microsoft Windows SharePoint Services

SCHOOL COLLABORATION SITES Reference Guide

Using the VMware vcenter Orchestrator Client. vrealize Orchestrator 5.5.1

Guide to managing departmental shared drives

Manage Administrators and Admin Access Policies

CA Clarity Project & Portfolio Manager

ER/Studio Enterprise Portal User Guide

TimeTrak White Paper

Using the VMware vrealize Orchestrator Client

Explorer View document libraries, 165 form library, 183

Microsoft Office SharePoint Portal Server 2003 Document Library Migration Tools

SAS. Information Map Studio 3.1: Creating Your First Information Map

IT Certification Exams Provider! Weofferfreeupdateserviceforoneyear! h ps://

ControlPoint. Evaluation Guide. November 09,

Avaya Event Processor Release 2.2 Operations, Administration, and Maintenance Interface

Introduction. User Privileges. PEPFAR SharePoint: Poweruser Guide

Product Documentation. ER/Studio Portal. User Guide. Version Published February 21, 2012

Oracle BI 11g R1: Build Repositories

Liferay Portal 4 - Portal Administration Guide. Joseph Shum Alexander Chow Redmond Mar Jorge Ferrer

TOP Server Version 6 Security Settings

Contents 1. Accessing Microsoft Stream Uploading your video to My content area Deleting your video Sharing your video...

Business Objects Exam SABE201 BusinessObjects(TM) Enterprise Certified Professional XI - Level One Version: 5.0 [ Total Questions: 160 ]

BDM Hyperion Workspace Basics

Tzunami Deployer Confluence Exporter Guide

Content Publisher User Guide

Xcalibur Global Version Rev. 2 Administrator s Guide Document Version 1.0

CA Output Management Web Viewer

ImageNow Interact for Microsoft SharePoint Installation, Setup, and User Guide

Setting Up Jive for SharePoint Online and Office 365. Introduction 2

Vodafone Secure Device Manager Administration User Guide

Business Intelligence Platform User Guide SAP BusinessObjects Business Intelligence platform 4.0 Support Package 2

Quick Start Guide. Kaseya 2009

IIT Cognos Portal Librarian Guide

ADDING VIDEO FILES TO EQUELLA


Symbio Manual. Administrator Role

IT Training Services. SharePoint 2013 Getting Started. Version: 2015/2016 V1

Quick Reference Guide SharePoint Quick Reference Guide

ControlPoint. Managing ControlPoint Users, Permissions, and Menus. February 05,

Security Explorer 9.1. User Guide

Click on OneDrive on the menu bar at the top to display your Documents home page.

9.0 Help for Community Managers About Jive for Google Docs...4. System Requirements & Best Practices... 5

Document control. Document version and change history. CPC User Guide v1.1 30/04/ Version Date Nature of change / comments Editors

Laserfiche Security Training Manual

SilverStripe - Website Administrators

Faculty of Engineering Computer Engineering Department Islamic University of Gaza Network Lab # 7 Permissions

HP Intelligent Management Center SOM Administrator Guide

PRISM-FHF The Fred Hollows Foundation

IT Essentials v6.0 Windows 10 Software Labs

Liferay User Management. Kar Joon Chew Oct 2011

Installing and Configuring vcloud Connector

Below is the list of Windows Server Group Policy Interview Questions Asked in Windows System Administrator / L1/l2/l3 Support Engineer Interviews.

Manage and Generate Reports

EMC Documentum Composer

Managed Projects. Modified by Jason Howie on 31-May-2017

AT&T Cloud Solutions Portal. Account and User Management Guide

Symbio Manual. Administrator Role

Teamcenter 11.1 Systems Engineering and Requirements Management

Product Documentation. ER/Studio Portal. User Guide 2nd Edition. Version 2.0 Published January 31, 2013

Documentum Client for Siebel User Guide

Enterprise Architect. User Guide Series. Model Navigation

Administration. STILOG IST, all rights reserved

TREENO ELECTRONIC DOCUMENT MANAGEMENT. Administration Guide

Integrating with Prime Service Catalog

Accops HyWorks v3.0. Quick Start Guide. Last Update: 4/25/2017

Secure Mobile Access Module

Ambientia Image Bank TM 2.3

How to Add and Remove Permissions to Your Page

Briefcase for Mac 1.0. Administrator s Guide

EMC Documentum Composer

Security and Permissions in the Orchestrator System

ER/Studio Enterprise Portal 1.1 User Guide

Informatica Axon Data Governance 5.2. Release Guide

Getting Started Guide. Chapter 14 Customizing LibreOffice

MITEL. Live Content Suite. Mitel Live Content Suite Installation and Administrator Guide Release 1.1

McAfee MVISION Mobile Microsoft Intune Integration Guide

Perceptive Interact for EpicCare Link

Using BlueStep Data Vault with WebDAV

Transcription:

With Holocentric Modeler and Modelpedia Understanding Modelpedia Authorization V1.0/HUG003

Table of Contents 1 Purpose 3 2 Introduction 4 3 Roles 4 3.1 System Authority Roles... 5 3.2 Role Inclusion... 6 4 Role Assignment 7 4.1 Assigning Roles... 7 4.1.1 To Assign Roles in a Modelpedia Context Item 8 4.1.2 Assigning Roles to Groups 10 4.1.3 Viewing Role Assignment Per User 11 4.2 Inherited Role Assignment... 13 4.2.1 Viewing Inherited Role Assignments 13 4.2.2 Disabling Inheritance 14 4.3 Mapping Project Roles to System Authority Roles... 15 4.3.1 Assigning Access to Prerequisites 16 5 Understanding Groups 17 5.1 Internal Groups... 17 5.1.1 Creating Internal Groups 17 5.1.2 Managing Internal Group Membership 19 5.2 External Groups... 20 5.2.1 External Group Sychronisation 20 6 Repository Administrators 21 7 Organization Administrators 22 HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 2 of 22

1 Purpose Part 1 This document is Part 3 in the series with Holocentric Modeler and Modelpedia. These documents are intended for consultants, administrators and clients who are building and managing a project team using Holocentric Modeler and Modelpedia to create and deliver business models. Together, the documents provide detailed guidelines to assist in the configuration, optimization and successful operation of Holocentric Modeler and Modelpedia in a new project environment. Overview Business Process Lifecycle Overview Administration/Capture/Model 2 Setup and Configuration 3 Understanding Modelpedia Authorization Description Provides business managers, evaluators and project managers, with an overview of the process lifecycle. Describes the prerequisite setup and configuration tasks that must occur, prior to the commencement of a modeling project. Explains the allocation and authorization of roles for each team member in the modeling project. 4 Understanding Version Control Explains how the version control system can be utilized to track changes to a model. 5 Team Modeling Describes the setup of the environment required for modeling work carried out by a team. Review 6 Preparing the Review 7 Conducting the Review Consume Describes the configuration required to prepare the model content for the review cycle. Explains how to publish library websites to allow consumers to collaborate and share ideas on the contents of models. 8 Customizing Modelpedia Published Websites Explains how to customize the model content for different audiences. The adoption of common guidelines across modeling projects will ensure a high degree of standardization and consistency for the deployment of Holocentric Modeler and Modelpedia across your organization. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 3 of 22

2 Introduction The Modelpedia requires that every user be authenticated and authorized. Authorization is a fundamental administrative concept that must be understood by all project and model administrators. 3 Roles Authorization in Modelpedia is managed through roles. A role is effectively a group of permissions that apply to a range of item types. Modelpedia roles come in three varieties: Model Role, Authority Role and System Authority Role. It is the System Authority Roles that are used for authorization. Icon Type of Role System Authority Description This role is built into Modelpedia and is assigned to a user or group to allow for differential access permission to models in an enterprise. Used For Authorization Authority This is an administrative role created by the user in Modelpedia and may include a standard System Authority role. Model This role is created in Modelpedia and is used for assigning application Perspectives within a model content. It corresponds to an Application Role in Modeler, both sharing a common ID. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 4 of 22

3.1 System Authority Roles The Modelpedia has an in-built set of standard System Authority Roles that are used for authorization. System Authority Roles are identified by the icon System Authority Role Area Administrator Area Contributor Area Viewer Model Administrator Model Contributor Model Viewer Organization Administrator Published Model Administrator Published Model Contributor Published Model Viewer Repository Administrator System Role* Repository User Has permission to Create, delete, rename and add items to an area in the repository. Permissions apply to all items contained within the area. Add items to an area but not change the properties of or delete the original area. View the list of contents of an Area but not to view the models or websites in an area. Check a model in and out, delete and publish models. Modify a model but not check it in or out. This role is typically used for the members of a modeling Team. View the contents of models in read-only mode. Create Authority Roles which are user defined, and may include one or more standard System Authority Role. This role has only organization-level maintenance privileges. Delete or change published model websites. May delete discussion items, close discussion topics and create tasks from discussion topics. Read and contribute to discussion on published websites. Access and by default view all the content of a published website. A model may apply further restrictions to content internally. Able to perform any action on any item in the Repository, including all Administrative functions. Should not usually be assigned as a discrete role but conferred by membership of the Repository Administrators group. Description Minimum role required for access to the repository. Confers no permissions, should not usually be assigned as a discrete role. Classification Contributor Able to classify models as publishing or template libraries. Should not usually be assigned as a discrete role. * Please do not assign these roles except under advice HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 5 of 22

3.2 Role Inclusion Roles may include other roles. Role inclusion effectively means this role also plays the included role(s). Role inclusion makes administration simpler as fewer discrete roles must be assigned to a user to allow them to perform a project function requiring several authority roles. For example, the Area Administrator role includes the Model Administrator role. Therefore, any user assigned the Area Administrator role is also a Model Administrator. The hierarchy of role inclusion for the System Authority Roles is as below. Repository Administrator Organization Administrator Area Administrator Model Administrator Published Model Administrator Classification Contributor Area Contributor Model Contributor Published Model Contributor Area Viewer Model Viewer Published Model Viewer Repository User HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 6 of 22

4 Role Assignment Authorization is achieved by assigning a user or group one or more roles on a context item. A context item can be almost any item in the Modelpedia - a Model, an Area, a Website et al. 4.1 Assigning Roles Roles are assigned to context items on the Authorization tab of the Properties page for the context item. In the Repository Explorer area, navigate to an item. Items that can have authorization Roles assigned are: Root Area Area Library Published Library Website Organization Organization Unit. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 7 of 22

4.1.1 To Assign Roles in a Modelpedia Context Item For example, in a project area : 1. Right-click on the project area, and then click Properties. 2. Select the Authorization tab; click the button for the Add Authorization dialog. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 8 of 22

3. To add a role, click the browse button next to the Role field and select the appropriate role from the directory list displayed. Then click OK. (Alternatively, double click on the role) 4. Next click the browse button next to the Members field. From the directory list displayed, select the team user(s) or group and double click to add to Members field. Then click OK. (You can select multiple users/groups at the same time by holding down the Ctrl button, and then clicking the button ) 5. Repeat the above Steps 2 to 4 until all Members for the project have been nominated and their Roles defined. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 9 of 22

4.1.2 Assigning Roles to Groups Roles may be assigned to individual users, to a selection of users or to groups. Assigning roles to groups can simplify administration as the assignment is effectively made for each member of the group and members of member groups. This means that as the group membership changes to reflect changes in the project team, the role assignments are automatically updated. You can assign any role on any item type, but the assignment will only have effect if the role confers permissions on the assigned type or to inheriting child items as per Section 4.2 Where a role is assigned to a group, you can view the effective assignment per user by using the Show users within groups option on the Authorization tab. Note that while this option is selected you cannot change role assignments on the current item. You must de-select this option to re-enabling role assignment editing. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 10 of 22

4.1.3 Viewing Role Assignment Per User It is often useful to view a complete list of the role assignments for an individual user to track exactly what they have been assigned access to. 1. To open the Properties page of the user in question: Navigate to Search in the Links Favourites panel. 2. In the Text field, locate the user and double-click the user name displayed in the Item list. 3. This will open the properties page for the user. 4. To view the roles assigned to this user, select the Roles tab. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 11 of 22

5. Click the Fetch button located to the right side of the panel to display and view the role(s) assigned to this user. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 12 of 22

4.2 Inherited Role Assignment Items can inherit role assignments from certain parent items. This means that all the role assignments that apply to the parent item also apply to the item. The inheritance rules are: Role assignments on an Area apply recursively to all the child items of the Area as well as the Area itself. Role assignments on a Model apply to all the Published Websites for that model as well. Typically most role assignments are made on areas. This minimises the amount of administration required by conferring the role assignments on all contained items. 4.2.1 Viewing Inherited Role Assignments It is useful to examine the full list of inherited assignments prior to adding additional assignments to prevent duplication and to understand who has been granted access at a higher level. To view all inherited role assignments for an item select the Authorization tab of the Properties page and tick the option Show all inherited parent contexts. In this view, the Context column shows the parent item for the role assignment. The Found Within column shows the full area path in which the context item resides. Note: While this option is selected, you cannot change role assignments on the current item. You must de-select this option to enable role assignment editing. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 13 of 22

4.2.2 Disabling Inheritance Inheritance can be disabled for an item by clicking the Override Parent option on the Authorization page. This option is only available to repository administrators. If you use the Override Parent option, ensure that all necessary role assignments are made on the current item, or else the item will become inaccessible to all users except Repository Administrators. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 14 of 22

4.3 Mapping Project Roles to System Authority Roles For a project team member to perform their project role, they must be assigned one or more System Authority Roles. The recommended assignments are as follows. Project Role Project Administrator Model Consolidator Teamwork User Website Reviewer Website Consumer Description of System Authority Role The person responsible for administering the project models, including structuring prerequisites should typically be assigned the Area Administrator role on the root project Area. The team members responsible for consolidating the teamwork model must be assigned at least the Model Administrator role on the project model. Each member of the team that is required to work on the model using a Working Library must have at least the Model Contributor role assigned. Each member of the business community that will be reviewing the website and contributing to discussion must be assigned the Published Model Contributor role. Each member of the business community that will be accessing the content in the published website must be assigned the Published Model Viewer role. By default, Published Model Viewers cannot read discussion on the model. If you wish to allow them to read but not contribute to discussion, a Published Model Administrator can set the Show for non-contributors option on the website properties (or publishing options; refer to Customizing Modelpedia Published Websites) HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 15 of 22

4.3.1 Assigning Access to Prerequisites All members of the modelling team must have at least Published Model Viewer access to all the prerequisite libraries used by the project model. Authorization to open the entire model will be denied to any user that does not have at least Published Model Viewer access to all the prerequisites. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 16 of 22

5 Understanding Groups Groups are the primary mechanism by which user authorization is intended to be managed in the Modelpedia. In general, authority roles should be assigned to groups (rather than individual users) and users added or removed from groups to effect authorization changes. Managing authorization through groups membership is generally simpler than assigning individual users to roles. Modelpedia groups are either internal or external. 5.1 Internal Groups Internal groups are those created arbitrarily and managed entirely inside the Modelpedia. The membership is controlled by the administrator. Internal groups are identifed by the icon 5.1.1 Creating Internal Groups To create an internal group: 1. In the Repository Explorer-Areas panel, click the down arrow next to the filter icon. Then click the Show All Areas pop-up. 2. Show All Areas will display this panel. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 17 of 22

3. Expand Organizations and select your organization. In a default corporate deployment this will be Modelpedia Private. 4. Select the Group tab on the Properties page. Click the icon to create a new internal user group. 5. In the Name field of the Create Internal User Group panel, type the new user group name. Then click Apply. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 18 of 22

6. On the Modelpedia Private page, click Refresh to display your new group. 5.1.2 Managing Internal Group Membership To manage the membership of an internal group: 1. Double-click on your new internal group. Expand the browse button next to the Members field to select the members for this new group from the displayed list. Click the icon to add them to the new group. 2. To add the selected members to this new group, click OK. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 19 of 22

3. To confirm the members in the new group, click Save, located in the bottom right of the panel. 5.2 External Groups External groups are groups that are synchronised from the corporate directory system (Active Directory). These groups reflect the membership conferred by the directory system and may not be changed inside the Modelpedia. External groups are identified by the icon External groups are convenient to use as their membership is automatically maintained in the directory system and therefore requires no administration on the Modelpedia. 5.2.1 External Group Sychronisation External groups are synchronized along with users usually once per day. Additions or changes to users or groups in the directory system will be available in the Modelpedia the next day. The synchronization can be manually invoked at any time if necessary by a Repository Administrator through the Administration Portal. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 20 of 22

6 Repository Administrators Repository Administrators are a special class of users that have the highest privileges. Repository Administrators have full access to configure and manage the server and have full access to all content. As such, this privilege should be allocated sparingly. Only Repository Administrators can perform the following tasks: a) Configuring the server through the Administration Portal (most of the Administration Portal functionality is available only to Repository Administrators). b) Changing authorization on the root level content areas c) Adding or removing Organizations Assigning Repository Administrator access may be achieved in two ways: 1. Add the user to the Repository Administrators group, or to a group that is itself a member of the Repository Administrators group. This can only be achieved by a user that is already a Repository Administrator. 2. If the user is using a Directory Synchronized account, add the directory account as a member of the Local Administrators group on the Modelpedia Server machine. All Local Administrators are automatically Repository Administrators. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 21 of 22

7 Organization Administrators Organization Administrators are users who have authorization to manage a specific Organization - managing organization properties and member users, groups and roles. Assigning Organization Administrator access is achieved by assigning the user to the Organization Administrator role on the Organization they are to administer. Organization Administrators have access to the user administration features in the Administration Portal. HUG003 - Understanding Modelpedia Authorization 10 February 2012 Page 22 of 22

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback