Related Topics:

Overview of Security Options

Manage Repository Security

In order for a user to access a Synthesis database, he/she must have a valid user account in the database. This topic describes how users with the "Manage users and logins" permission can create and manage user accounts in the database via the Manage Repository Security window.

The Manage Repository Security window may be displayed when you create a new enterprise database, when you enable login security for a standard database, or when you choose File > Manage Repository > Authorized Users.

This topic includes the following sections:

Creating User Accounts

In the Manage Repository Security window, the Users tab displays a list of the user accounts that have been created in the current database. Note that:

To export the data currently displayed in the table to an Excel spreadsheet, click the Send to Excel button. You will be prompted to specify the pathname/filename for a new Excel file.

You can also import user accounts from Microsoft Active Directory® by clicking the Active Directory button. This opens the Import Users from Active Directory window, which allows you to search for user accounts that have been defined in the Active Directory and choose one or more to import as new user accounts in the Synthesis database.

User Account Requirements

In secure databases, the user account must meet the following requirements in order to have access to the database:

Note that if the account has been used to log in to the database at least once, deleting the account will make it inactive and the same username cannot be used again in the database. This is because the username may be associated with existing analysis information. Alternatively, if the user account has never been used, you can delete the record from the database and you will be able to create another user account with the same username in the future if desired.

Creating Security Groups

Throughout this help file, we use the phrase authorized users to indicate functionality that may be restricted based on specific security permissions. Security permissions allow you to control how users access and use the database. In Synthesis repositories, a set of permissions is known as a security group. Note that:

In the Manage Repository Security window, the Security Groups tab displays a list of all the security groups that have been created in the database. The user who created the database automatically belongs to the Admin group, and has full user and administrative permissions. The Admin group cannot be deleted or have its permissions modified; therefore, its window cannot be opened from the Security Groups tab. To assign or remove a user account from this group, open the User Login and Contact Information window and select or clear the “Admin” check box.

By default, the software also includes three additional predefined security groups. Depending on your organization’s specific needs, you may choose to make adjustments to the default security groups or replace them with new groups See Repository-level vs. Project-Level Security.

Use the Add, Edit or Delete buttons below the table to manage the security groups. When you add or edit a security group, you can assign the permissions for the security group as well as select the database users that belong to each group. In addition:

Note: To avoid unintended consequences, if you choose to implement different levels of access for different projects, it is generally recommended to assign project-level security for all projects in the database.

Table of Database Permissions

The following table provides a summary of the permissions that can be granted in the database. If the permission is application-specific, the affected application(s) are identified in the name.

You can edit the permissions of a security group even when a user associated with that security group is currently logged in to the database; however, the changes will not take effect until the user closes the database and reconnects to it.

Note: Project owners have certain permissions that are equivalent to having the "Manage all projects" permission, but only for the projects that they own. For example, project owners can view private projects and lock/unlock projects, but only if they own those particular projects.

 

Basic permissions throughout repository

Create and own private projects Allows you to create projects that, in a secure database, are accessible only to you and to users with the "Manage all projects" permission. In a non-secure database, the project will be designated as "private" but it will still be accessible to all database users.
 
Note that if you remove this permission from a security group, the users in that group who own private projects in the repository will no longer have "owner" permissions for the existing projects. You can assign a new owner to each affected project via the Manage Projects window.
Create and own public projects Allows you to create projects that may be accessible to any database user (depending on the project security setting).
 
Note that if you remove this permission from a security group, the users in that group who own public projects in the repository will no longer have "owner" permissions for the existing projects. You can assign a new owner to each affected project via the Manage Projects window.
Create portal messages Allows you to create and send messages to other users via the Messages page in My Portal.

Basic permissions at project level

Read Allows you to view but not edit any of the analyses in a given project. You can perform tasks that do not modify the data (e.g., calculate metrics in a Quick Calculation Pad, export data, etc.).
Create/edit project items Allows you to create and edit items in a given project, such as folios in Weibull++/ALTA, diagrams in BlockSim, system hierarchy items in Xfmea/RCM++, and the like.
Create/edit/delete own resources Allows you to use the Resource Manager to manage the resources (e.g., models, URDs, etc.) that you have created in a given project. This permission will be assigned automatically when the "Create/edit project items" permission is assigned.

Advanced permissions at project level

Delete project items Allows you to delete any item in a given project (e.g., folios in Weibull++/ALTA, diagrams in BlockSim, system hierarchy items in Xfmea/RCM++, and the like). This permission cannot be assigned unless the "Create/edit project items" permission is also assigned.
Create/edit/delete all resources Allows you to use the Resource Manager to manage all resources available in a given project.
Set project security Allows you to control user access within a given project. This includes the ability to access the Security page in the Project Properties window and to set Item Permissions for any item in the project.
Edit project properties Allows you to use the Project Properties window to edit the project name, description, category and other settings of a given project.
Lock or check out project

Allows you to:

Create project baselines Allows you to create or restore baselines for a given project, which are exact replicas of the project at a particular point in time (i.e., backups).  
Delete project Allows you to delete a given project.
Manage change logs in Xfmea/RCM++ Allows you to enable and manage change logs within a given project. Change logs can be created for FMEAs and DVP&R analyses in Xfmea and RCM++.
Approve change logs in Xfmea/RCM++ Allows you to implement electronic approval tracking for change logs within a given project. Change logs can be created for FMEAs and DVP&R analyses in Xfmea and RCM++.

Administrative permissions throughout repository

Manage all projects Grants you all of the basic and advanced project-level permissions for all public and private projects in the repository. It also allows you to use the Manage Projects window to view and edit settings of all projects in the database.
Manage users and logins

Allows you to:

Manage e-mail notifications

Allows you to:

Manage profiles and templates in Xfmea/RCM++

This permission is available only in enterprise databases. It allows you to:

Manage other repository settings

Allows you to:

  • Use the Manage Units window to define the time units available for use in any project within the database.

  • Use the Manage Warranty Units window in Weibull++ to set equivalencies between the time units used in the repository and the time units used in some warranty folios.

  • Use the Define Default Names window to specify how default names for resources and blocks are created.

  • Use the Task Types window in RCM++ and BlockSim to map the task types used in RCM++ to the task classes in the universal reliability definition (URD).

  • Use the Global Identifiers window to define the default names for identifier fields that can be used to search for blocks or resources within a given project.

  • Use the Project Categories window to define the categories that can be used for grouping and filtering the projects in the database.

  • Use the Project Baselines window to manage project baselines, which are exact replicas of the project at a particular point in time (i.e., backups) that can be restored when and if needed.

Approve actions

Allows you to review and approve actions, which are Synthesis resources that allow you to track progress made in a project.

Manage all portal messages Allows you to edit or delete all messages you sent and messages addressed to you via the Messages page in My Portal.

 

© 1992-2013. ReliaSoft Corporation. ALL RIGHTS RESERVED.