Provide a lightweight user interface to allow for 1st level support to perform user management without requiring access to all admin functions.
Additional features that would be helpful:
In addition, allow for the staging server to be independent of the production server for users. Two examples would be to be able to inactivate a user without having to migrate the change and allow for the user cache to be refreshed without taking a production outage.
I had to take a production outage to refresh the staging server because a user was removed from the ldap server but they still existed in the user cache.
I would like to see also a harmonisation for the usermanagement in the admin client für SI and IM.
It would be very beneficial to have a method for enrolling new users in Integrity without the need of the admin client. The teams that perform user-enrollment do not need the full capability of the admin client. The present a problem with adhering to IT and security policies within our organization.
Clarification: This means adding an LDAP user, or MKS domain user, to a group BEFORE that user has ever logged into Integrity.
I#d like to have one Mask in which I can set all access rights to the different parts of the Integrity tool. I do not want to switch between the different masks of the different tool parts to set the basic access rights for a user.
I#d also like to have GUI to see which access right groups a user is assigned to at once, without the need of using the CLI.
For Source, some kind of ACL template would also be helpful. This would avoid the (errorprone) need to click through every single ACL field for new users/groups.
Here, most users/groups always have the same ACLs, maybe differing by allowed read/write access to a project.
So templates would be great.
Great input and suggestions here.
Regarding the point you mentioned - check a user's access right onto a project node directly at the node and not only via the admingui function "Evaluate ACL"
I am guessing you think a feature in si client gui could be useful to evaluate a specific user's access rights on a project node (or maybe even on a member)? Basically without a need to go to admin GUI, you need an ability to evaluate the entire ACL structure for a user?
Something similar is planned for the next release - 11.1. Please watch out for it, it may exactly match what you expect!!
As part of the new web UI, we will definitely consider some ideas mentioned here, especially the user management without going to admin client.
do you know if the new UI has only a simplified user management for workflow and document and also include for source.
One of the first step would be to see in a easy way which rights the user has in source and workflow&documents.
Many OEM build for this use-case his own webside, I still hope that PTC get such a soloution out of the box.
I have a pretty decent solution configured for my user management. i shared my solution with the group at liveworx.
I have been able to configure a solution where project access is handled using triggers. The projects and project leaders handle their own access control by simply adding the user to defined roles in the project item for example. we use triggers to handle all the back-end work, with groups, project visibility, dynamic groups. I've also implemented a user item that gives user a snap shot of all projects they have access to and what permissions they have
other features that will be great is
1. User activity tracking dashboard or table. When did user log-on? how long were they logged on? etc
2. Better control with cascading user access. Right now, when a user is given access to a group, the user gains access to any other group that may have given previous group and any other group that may have also given access to previous group. They is no way to limit the access or even just track what indirect group access they have as a result of addition to a single group
i can talk more about this when we have the meeting.
I want to be able to see quickly and easily which user has which permissions in which projects. This includes both static and dynamic groups as well as projects and subprojects with and without inheritance.I also want to be able to follow the other direction quickly and easily, for example if a dynamic group is used to map roles that have different members in different items according to projects and subprojects.Of course I want to be able to edit these groups and projects in this simple overview. And i dont want to stage this in a staging couple.
kind regards, Jens
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.