The Privileges tab is an object typeAn individual object is provided for the individual activities: There are User, UserGroup, Notification, Cockpit, CodeTable, Documentation, Event, Agent, FileTransfer, Group, Include, Job, Workflow, Calendar, Login, Client, RemoteTaskManager, Schedule, Script, Server, Sync, Variable and TimeZone objects-specific tab which is only available in User and UserGroup objects. It can be used to allow or deny users to access system functions. Privileges are an integral part of the Authorization System.
Object: User
Object class: System objectAutomation Engine controlled activities and processes are structured in the form of objects. See also: Task
Object type
(short name): USER
Automic recommends that users newly log on to the UserInterfaceThis is the Automation Engine's graphical user interface. [Formerly called the "Rich Client", "RichGUI" and "Dialog Client."] in order to ensure that changes in privilegesPrivileges in the Automation Engine refer to user rights to work with certain frontend and user interface functions. You grant privileges to users in the Automation Engine. become effective.
Activate the appropriate check box in order to grant a particular privilege to a particular userIn the Automation Engine, a user is an instance of a User object, and generally the user is a specific person who works with Automic products. The User object is assigned a user ID and then a set of access rights to various parts of the Automation Engine system and product suite. These access rights come in the form of Automation Engine authorizations and privileges, Decision user roles and EventBase rights and ARA web application object rights. You can manage all these centrally in the ECC user management functions. See also, Unified user management.. A user's privileges are the sum of user-specific privileges and those resulting from the membership in a particular user groupA group of users who have a common profile of rights. A particular object type in the Automation Engine. User groups are an organizing construct to help you better manage users because you can grant user groups access rights the same way that you grant various access rights to a single user. All users in the user group are automatically given those access rights. This makes managing users not only more efficient but also more secure because working with user groups gives you a better overview of what rights are assigned..
|
Field/Control |
Description |
---|---|---|
|
Change system statusThis represents the condition of a task (such as active, blocked, generating). (STOP/GO) |
Users can change the system's status and interrupt automatic processing. |
|
Users can call the System Overview which provides access to system and security information and functions. |
|
|
Access to recycle bin |
The Recycle Bin can be opened. This allows users to restore deleted objects. Restored objects are found in the <No Folder> folderTop level entities such as Environment, Deployment Target, Activity, … are stored in folders. The permissions a user has on an entity depend on the permissions that are set on the folder for the entities.. |
|
Access to transport case |
The Transport Case can be opened. Users are enabled to view objects that should be transported to a different clientA closed environment within an Automation Engine system where you can create and run objects. A client name consists of a 4-digit number that must be indicated when a user logs on to the Automation Engine system. Users and their rights are also defined in clients. A particular Automation Engine object type. or system in the Explorer window. Users can also delete objects that should be transported from the transport case. |
|
View messages from own user group |
Definition of message types that should be shown to the user in the Message Window. Individual users also receive messages to the users of all user groups of which they are members. |
|
View messages to administrators |
Users also receive administrator messages. They are not assigned to any specific user or client and inform about system-wide actions (such as a Server start). |
|
View all messages from own client |
Users can see all messages that are addressed to their client's users. |
|
View security messages |
Users also receive security messages. These messages are not assigned to a specific user. They are created through the access check of the Authorization System. |
|
Access to selective statisticsThis is a list of a task's previous runs. |
Users can create statistic summaries by object, time period, RunIDShort for "run number". It is a number that provides unique information about a task's execution. The RunID can include 7 to 10 digits. It is assigned by the Automation Engine component . or archive keys and view the statistics of childA subordinate task (such as a task that runs in a workflow). objects. |
|
Deal with authorizations at object level |
Users who should be able to specify or change exclusive access rights to an object require this privilege along with write access (W) to the object. |
|
Modify the status of a taskAn executable object that is running. Tasks are also referred to as activities. manually |
Privileged users can change task states. The system does not check if the new status is a logical status. If status >= 1800 is set, the task ends. |
|
Object properties: allow manually reset of 'Opened Flag' |
If a user opens an object for editing, the object is marked. If a program interruption occurs during the editing process, the object keeps this tag even if the UserInterface is restarted. Privileged users can remove this tag. |
|
FileTransfer: Start without Login object specified |
It is possible to process file transfers without using a Login object. The agentA program that enables the de-centralized execution of processes (such as deployments) on target systems (computers or business solutions) or a service that provides connectivity to a target system (such as for databases or middleware). An agent is also an object type in the Automation Engine. [Formerly called "Executor."] See also: host then uses the user who started it.
The administrator specifies in the variableIt stores or retrieves values dynamically at runtime. An individual Automation Engine object type. UC_HOSTCHAR_DEFAULT, key ANONYMOUS_FT whether the agent is allowed to process file transfers without Login object. |
|
FileSystem Event: Start FileSystem Events without specifying user credentials |
Users may start FileSystem Events without entering specific user credentials. Granting or refusing this privilege affects the execution of FileSystem Events, where the definition of a Login object is optional. |
|
View server usage over all clients |
Users can view the server processThe core of the component Automation Engine. Different types are available: communication, work and dialog processes, as well as nonstop processes. workload in the individual clients through the System Overview. |
|
Access to <No Folder> |
The <No Folder> folder can be opened. This enables access to restored or transported objects. |
|
Logon via Call interface |
Users can access the AE system via the Call Interface which enables them to start tasks from within their own programs or via the utility. |
|
SAP Criteria Manager |
This privilege can be used to grant access to the SAP Criteria Manager via the Form tab of SAP jobs. |
|
Access to Version ManagementThis refers to an object version that is stored when you have modified the object. |
The user group can access the Version Management folder and open (write-protected), restore and delete saved object versionsAn application version holds zero or more deployment packages and may have dependencies to zero or more application versions of the same (or to different) applications. Statistics and reports are also available. |
|
Access to Auto Forecast |
This privilege can be used to grant the user group access to the Auto ForecastfunctionPre-defined run book template in the Automation Engine. One single step only, e.g. Start Windows Service, Copy file,… for the automatic calculation of forecastEstimates a task's runtime on the basis of previous executions. data for tasks that will run within a specified period of time. |
|
Create diagnostic information |
This privilege handles two rights:
|
|
Take Over Task |
Tasks run under the user who has started them. Users intending to assume tasks from other users require this privilege. The corresponding command is then displayed in the Activity Window's context menu. |
![]() |
ILMStands for Information Lifecycle Management, which refers to a wide-ranging set of strategies for administering storage systems on computing devices. actions | In the System Overview, a user can access the ILM area and its corresponding settings. |
![]() |
Create and modify Backend variables |
This privilege can be used to create and edit BACKEND-type Variable objects. The "New object" dialog does not display this variable type to users who do not have this privilege. Backend variables always open in read-only mode. |
![]() |
Create and modify SQL-Internal variables |
With this privilege being assigned, users can create and modify Variable objects with the source "SQL - internal" and "SQL - internal SECURE". Requirement: The value YES must be specified in the setting SQLVAR_INTERNAL of the variable UC_SYSTEM_SETTINGS. If this privilege is not available, the variable type "SQLI" is not displayed in the templatesPre-defined 'workflows' for specific components/tasks, e.g. Tomcat, SubVersion. dialog and cannot be created. Internal SQL variables always open in write-protected mode. |
Work in Runbook Mode |
This privilege activates the runbook mode. Runbook mode simplifies the tab view of particular objects in the UserInterface. Users who work with runbook can access the relevant tabs more easily. Tabs are only hidden and can be activated at any time. The following changes apply:
|
|
![]() |
Manage favorites on user group level |
Displays the favorites of all the client's user groups. The Explorer includes a specific Favorites folder to which objects can be added by using the drag and drop function. The objects are not actually moved to the folder but a reference is created to them (similar to the Transport Case). Without this privilege, users can only view the user groups of which they are a member in the Favorites folder. Write access (W) is required for User Group (USRG) objects to which favorites should be added. This applies regardless of the privilege "Manage favorites on user group level". The Favorites functionality affects the Prucacv*.htm file of the product ECCAbbreviation for the Enterprise Control Center (Enterprise Control CenterAutomic's web application that provides a single, browser-based interface for the ONE Automation platform.) and in particular, the Process Automation plug-in. |
ECC: Access to Service Catalog |
Privileges for the Enterprise Control Center (ECC). The ECC uses the OS of the Automation EngineThis component drives an Automation Engine system and consists of different types of server processes.. During the configurationA set of constituent components that make up a system. This includes information on how the components are connected including the settings applied. / installation process, you can determine the AE systems to which the ECC can connect. You can log on to the ECC in the same way as you log on to the UserInterface. You can also use these privileges in order to limit the access of particular users to particular perspectives / areas. |
|
ECC: Access to Process Monitoring | ||
ECC: Access to Service Orchestrator (for all SVO users) |
||
ECC: Manage SLAs and Business Units in Service Orchestrator |
||
ECC: Access to Policy Orchestrator |
||
ECC: Access to Process Assembly |
||
ECC: Access to Administration | ||
ECC: Access to Dashboards |
||
ECC: Access to Predictive Analytics | ||
ECC: Access to Messages |
Automic Documentation - Tutorials - Automic Blog - Resources - Training & Services - Automic YouTube Channel - Download Center - Support |
Copyright © 2016 Automic Software GmbH |