If you are starting from a blank database, you will need to establish security groups, roles, users, groups, and roles before you can log in using ARCHIBUS Web Central.
A quick way to do so is to use the tasks in the System Administration / ARCHIBUS System Administration / ARCHIBUS Administrator process in Web Central.
Note: For assigned roles and processes to appear to a user upon sign-in, you need to apply the changes by restarting the Web Central server.
If you have a large number of additions or changes to make, you may prefer to use the parallel process in the Smart Client. The Smart Client grid views have fewer actions but are easier for bulk-data entry.
Establishing users involves creating security groups, roles, and users and granting the correct access to the role.
Security Groups define the access rights you want to establish to sections of data or functionality. For instance, you might establish "RPLM" and "SPACE" security groups to keep edit and review rights for Real Property and Space information separate. You can use the SQL "like" operator -- "%" as a wildcard to match all groups with that prefix. "SPACE%" for instance, would match all groups beginning with the prefix "SPACE". You must have at least one Security Group. At a minimum you can create one group with the group name "%" which grants access to all Security Groups.
Security Groups are used to control access to certain commands, such as the Alter View command. However, most commonly, Security Groups are used to control access to fields of data. Each field in the ARCHIBUS schema has an Edit Group and a Review Group. If the Edit Group is present, the user must be a member of that group to change a value in that field from any edit form. If the Review Group is present, the user must be a member of that group or they will not see that field at all.
You can define Security Groups with the Add or Edit Security Groups task.
You can review and change the Security Group assignments to individual fields in the schema using the Smart Client's Define per-Field Group Security task.
You group Security Groups and Process Navigator processes and Dashboard assignments by role, such as "RESERVATION ASSISTANT" or "RESERVATION HOST".
To do so, you use the Add or Edit User Roles view to define these roles.
Use the Assign Security Groups to Roles view to grant particular roles access to one or more Security Groups.
Use the Assign Processes to Roles view to define what Process Navigator or Dashboard processes appear to users of this role when they log in.
You can also assign processes directly to users, however, most sites prefer the role-assignments as they are easier to manage. Changing the list of processes for a role automatically changes the list of processes for all users of that role.
Use the Edit Users task to create user account records and assign users to a Role.
The ARCHIBUS system spans two types of identity that are typically distinct.
ARCHIBUS has default scripts for helping you link the two identities using the email address, which is the usual common link between the two. You may wish to modify these scripts to suit your own site’s conventions; review the comments in the scripts for details. The scripts are:
When you log in to ARCHIBUS, the system first verifies that the user name and password that you supplied are present in the ARCHIBUS Users table. It then uses the email address from the ARCHIBUS Users table to look up any Employee record that user has. The program caches the Division, Department, Building, Floor, and Room Codes and Employee Name information so that it can be used in views and actions to personalize the data in the view (such as, to show rooms reserved by that person) or the action (such as, to automatically assign a new reservation to that person). You can review this cached information by using the ARCHIBUS Web Central My Profile command.