13
Views
11
Comments
Solved
Add users to LifeTime, ServiceCenter, Service Studio, Users, Architecture Dashboard

Hi,

I am handing over the application to the IT operations team. So far our team used a common User name and password for accessing LifeTime, ServiceCenter, Service Studio, Users, and Architecture Dashboard. Now, I have to create users for each of them. 

1) IT Users created in the LT can access Service Studio, Service Center, and LT. How can I segregate this? Like user who can access Service Center must not use LT

2) Where can I create users for the architecture dashboard. I tried creating a user in LT with an Administrator role but still, he could not access the Architecture dashboard.

3) Can we have only one user to access the Users Dashboard? When I clicked on "Configure Administrator User" in Users module - Single Sign-on in Service Center, it asks me to reconfigure the existing user

4) Can I have a separate User dashboard for each application?

5) Can't I delete IT-users from LT? I could only able to set them inactive

Regards,

Abirami Srinivasan

Rank: #93
Solution

Hi Abira,


I'll try to answer your questions:


1. You can configure the roles in LifeTime and define which permissions the user will have on each environment (Service Studio and Service Center) and the permissions he will have at an infrastructure-wide level (LifeTime). After that, you just need to grant these roles to the user and he will have his permissions granted according to that configuration. Developers will always have access to Lifetime but what they see or can do can be defined. See image below:

2. See the explanation below taken from Architecture Dashboard FAQs:

3. You can have multiple users with access to Users application, for that they just need to be granted one of the roles of the Users application. A user with SuperUser role, will always have all applicational roles in the environment, the UserManager role will be able to access Users application and manage users:


4. Yes, but you would have to build your own. Programmatically, you have access to CRUD actions for Users and Groups and grant / revoke roles, so you can build your own application that only does that for a given application


5. Users are not deleted but set to inactive. Why? Because user actions and references to the user record are saved for audit purposes across many tables (so questions like: a) who did the deployment yesterday? b) who deployed the module X? can be answered). Therefore, if users were to be deleted you would lose all that information.
Because of that, users are inactive but it will be as if they would be deleted (all accesses will be revoked).


Hope it helps.


Cheers,
João


Rank: #387

Hi Abira,

You can you users portal of the enviroment.

Like for my personal enivornmrnt 

You can create groups for what authorization you want to give to user.


Environment-Name/Users/Users.aspx


Hope this will help you.

Regards,

Amreen

Rank: #93
Solution

Hi Abira,


I'll try to answer your questions:


1. You can configure the roles in LifeTime and define which permissions the user will have on each environment (Service Studio and Service Center) and the permissions he will have at an infrastructure-wide level (LifeTime). After that, you just need to grant these roles to the user and he will have his permissions granted according to that configuration. Developers will always have access to Lifetime but what they see or can do can be defined. See image below:

2. See the explanation below taken from Architecture Dashboard FAQs:

3. You can have multiple users with access to Users application, for that they just need to be granted one of the roles of the Users application. A user with SuperUser role, will always have all applicational roles in the environment, the UserManager role will be able to access Users application and manage users:


4. Yes, but you would have to build your own. Programmatically, you have access to CRUD actions for Users and Groups and grant / revoke roles, so you can build your own application that only does that for a given application


5. Users are not deleted but set to inactive. Why? Because user actions and references to the user record are saved for audit purposes across many tables (so questions like: a) who did the deployment yesterday? b) who deployed the module X? can be answered). Therefore, if users were to be deleted you would lose all that information.
Because of that, users are inactive but it will be as if they would be deleted (all accesses will be revoked).


Hope it helps.


Cheers,
João