Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Eagle is excited to highlight key improvements implemented for User Administration in the V2017 release.

Panel
bgColor#ECE9EC
borderStylenone

Table of Contents
maxLevel3
indent15px



Redesigned in V2017

The following features were redesigned:

Panel

Replaced Application Roles with Center Roles

In the v2017release, Application roles have been replaced by the appropriate Center roles. This change was made to continue to simplify and streamline User Administration and achieve a unified entitlements approach. User functional permissions are not lost with this change. New Center roles are generated based on the available Application roles and new assignments between generated roles and users are created during the upgrade.

This issue was tracked as Item #147073

Replaced User Administration Roles and Permissions with User Administration Center Roles

User Administration permissions define the level of access for User Administration's administrative functions such as adding, editing, and displaying users, groups, roles, and site settings. User Administration permissions are now controlled by the new User Administration Center roles. This change simplifies handling of permissions and aligns User Administration permissions with how permissions are controlled in all other Eagle Centers. You can create many different User Administration Center roles to customize permissions to fit your company's needs. You can assign users to the User Administration Center role exactly the same way as you assign users to other Center roles. The concepts of User, Operator, Advanced User, and System Administrator account types, as well as User Administration roles that were used in Eagle releases prior to 2017 v2017 are no longer necessary and have been removed since these permissions are now defined by the User Administration Center roles.

You can learn more about the new User Administration Center Roles at About User Administration Center Roles

This issue was tracked as Item #119800.

Redesigned the Maintenance Window in User Administration Setup

To improve usability, the Maintenance window has been redesigned into the following four separate windows accessible from the left navigation in User Administration Setup:
- Maintenance (General & External Web)
- Web Site Settings (Site/Logon)
- LDAP Settings
- Password Settings ( Password Expiration + Password Settings)

This issue was tracked as Item #129959.



New in V2017

The following features were introduced:

Displays selected Center role(s) details

This issue was tracked as Item #140530.

Added User Security/Audit Reporting

You can now run user security/audit reports directly from the Users, Business Groups, PACE Roles, and Center Roles workspaces via action rules that invoke new system queries in System Management Center.

The following queries were added to System Management Center to support user security/audit reporting:

.

This issue was tracked as Item #147719.

Added the Ability to Create Action Rules for User Administration

You now have ability to create Action Rules for various User Administration windows.

This issue was tracked as Item #148731.

Added the Ability to Create Only LDAP Users

You can now assign permissions to create only LDAP users when adding new users. This option can be set in the User Administration Settings tab of the selected User Administration
Center role.

This issue was tracked as Item #116593.

Added New Options to the Report Profile Group

The Add and Delete options have been added to the Report Profile Group. These options allow you to add a new or delete an existing Report Profile Group. These are located in the Users workspace, User Properties, in the Data Access tab.

This issue was tracked as Item #151003.

Enhanced User Contact Details

The Contact Details tab in Users workspace was enhanced with new default options: Phone Number, Application, and File. These options can be configured dynamically via code category and are used when creating new subscriptions. Additionally, you can now set a default Notification type (available for E-Mail, Application, and File).

This issue was tracked as Item #138564.

Added New Entitlements

Added Event Type and Event Level permissions for Automation Center

You can now manage event level permissions to give you more control over who gets access to managed events.

 This issue was tracked as Item #145609.

Added Entitlements for Permission Group Conversion

Entitlements have been added to the Permission Conversion window in User Administration Setup.

This issue was tracked as Item #126660.

Added User Entitlements for Managing Capacity Group in Automation Center Roles

You can now manage Engine Capacity Group permissions in Automation Center Roles. You can allow/disallow the following permissions for capacity groups: View, Create, Edit, and Delete.

This issue was tracked as Item #126669.

Added Entitlements for Managing LDAP Users
Entitlements have been added to the User Administration Center Role to manage LDAP user accounts.

This issue was tracked as Item #130307.

Added Security Settings to Custom Processes in Control Center Roles

Multiple levels of control over a custom process are now available. In the Change and Audit tab of the Control Center roles, new privileges were added to help control the group's ability to generate a linked Custom Process, generate an unlinked Custom Process, and override a Custom Process. In the Tools Menu tab, you can now limit the group's ability to view, edit, and delete a Custom Process. 

This issue was tracked as Item #132633.

Add in info about new centers here! - reminder

Improved Permission Conversion Functionality

Redesigned and Renamed Product Group Conversion 

The Product Group Conversion feature within the Setup section of User Administration has been renamed as Permission Conversion. The wizard was simplified to help streamline the conversion classic menu/panel permissions to Center Role for clients upgrading from Eagle classic.  For example, the first step in the wizard has been renamed to Select Application Role and product group is no longer displayed. There were also changes in the wizard to reflect how permissions changes in v2017.  Also, "_STARSTAFF" is no longer appended to the role names after conversion.

This issue was tracked as Items #150857 and #150869.

Added Custom Folders Support in Permission Conversion
Permission Conversion in User Administration Setup now supports migration of access to custom Eagle (Classic) links.

This issue was tracked as Item #136978.

Added Support for Core and Custom Performance Center Links in Permission Conversion

Permission Conversion now supports links under the Performance folder (core and custom links) in the Application role, if any user is assigned to the Application role. The result is the conversion of the Application role access to the Performance Center Admin Role.

This issue was tracked as Item #140020.

Enhanced Security for Permissions Conversion
The security logic for Permission Conversion has been enhanced. You will no longer have access to the Permission Conversion workspace unless one of the following is true:
- You have permissions to Application Roles or Application Role Assignments
- You have permissions to edit Center Roles or User-Center Role Assignments

This issue was tracked as Item #136979.

Improved User Import Functionality

Added the Ability to Assign Center Roles

You can now specify assignment to Center Roles during the actual import of external users.

This issue was tracked as Item #134078.

Added the Ability to Import Additional Contact Information

You can now import additional contact information from AD/LDAP such as Company, Full Name, and E-mail.

This issue was tracked as Item #130311.

Added Find Control in the Import User Wizard

The Find control has been added to the Import Users wizard in the Select Users window. This control make it easier to find a user instead of manually searching through the entire list.
This issue was tracked as Item #136810.


Panel
borderColorsilver

Improved General Usability

Added Bulk Select/Update for Users Workspace

The Users window was enhanced with bulk update capabilities. You can now apply Enable/Disable and Delete commands for multiple selected users.
This issue was tracked as Item #130305.

Added Rollback Changes Button to the Ribbon

A new Rollback Changes button has been added to the ribbon for all User Administration workspaces. This button allows you to cancel or discard changes made.

This issue was tracked as Item #133554.

Added the Find Tool for Roles in Center Roles 

You can now use the Find button to find specific roles in the middle pane of the Center Roles workspace.

This issue was tracked as Item #133726.

Simplified the Folder Links Definition

The Folders Links dialog box was simplified to use the Define Folder Links command to create new folder links or review, edit, or delete existing links within one dialog box.

This issue was tracked as Item #140467.

Improved Usability of the Users and Center Roles Workspaces

If you have administrative permissions, you can now open associated Center roles for viewing/editing directly from the User Details window via a right click command. Additionally, roles that are assigned to the Current User are marked in bold in the Center Roles workspace.

This issue was tracked as Item #150100.

Added User Security/Audit Reporting

You can now run user security/audit reports directly from the Users, Business Groups, PACE Roles, and Center Roles workspaces via action rules that invoke new system queries in System Management Center.

The following queries were added to System Management Center to support user security/audit reporting:

Action RuleDescription
User Security Entitlement Reports - Business GroupsDisplays selected business group(s) details.
User Security Entitlement Reports - Center RolesDisplays selected Center role(s) details.
User Security Entitlement Reports - PACE RolesDisplays selected PACE role(s) details.
User Security Entitlement Reports - User AccountsDisplays selected user(s) account details.

This issue was tracked as Item #147719.

Added New Entitlements

Added Event Type and Event Level permissions for Automation Center

You can now manage event level permissions to give you more control over who gets access to managed events.

 This issue was tracked as Item #145609.

Added Entitlements for Permission Group Conversion

Entitlements have been added to the Permission Conversion window in User Administration Setup.

This issue was tracked as Item #126660.

Added User Entitlements for Managing Capacity Group in Automation Center Roles

You can now manage Engine Capacity Group permissions in Automation Center Roles. You can allow/disallow the following permissions for capacity groups: View, Create, Edit, and Delete.

This issue was tracked as Item #126669.

Added Entitlements for Managing LDAP Users
Entitlements have been added to the User Administration Center Role to manage LDAP user accounts.

This issue was tracked as Item #130307.

Added Security Settings to Custom Processes in Control Center Roles

Multiple levels of control over a custom process are now available. In the Change and Audit tab of the Control Center roles, new privileges were added to help control the group's ability to generate a linked Custom Process, generate an unlinked Custom Process, and override a Custom Process. In the Tools Menu tab, you can now limit the group's ability to view, edit, and delete a Custom Process. 

This issue was tracked as Item #132633.

Add in info about new centers here! - reminder

Added the Ability to Create Action Rules for User Administration

You now have ability to create Action Rules for various User Administration windows.

This issue was tracked as Item #148731.

Added the Ability to Create Only LDAP Users

You can now assign permissions to create only LDAP users when adding new users. This option can be set in the User Administration Settings tab of the selected User Administration
Center role.

This issue was tracked as Item #116593.

Added New Options to the Report Profile Group

The Add and Delete options have been added to the Report Profile Group. These options allow you to add a new or delete an existing Report Profile Group. These are located in the Users workspace, User Properties, in the Data Access tab.

This issue was tracked as Item #151003.

Enhanced User Contact Details

The Contact Details tab in Users workspace was enhanced with new default options: Phone Number, Application, and File. These options can be configured dynamically via code category and are used when creating new subscriptions. Additionally, you can now set a default Notification type (available for E-Mail, Application, and File).

This issue was tracked as Item #138564.

Enhancements around Managing Oracle Database Users

Added Support for Managing Oracle Database Users

You can now manage Oracle database users and the associated database roles from User Administration Setup. A new DB Users window was added which is accessible from the left navigation in Setup. System Administrators with appropriate permissions can manage database accounts, change passwords, lock/unlock, select, and change database roles. To enable database user management functionality, set Sys Item 239 (Database Users screen visibility in User Administration Center) to 1. Note: This feature was first introduced in the v2015R2.x series.

This issue was tracked as Item #130310.

Enhanced DB Users Permissions

New DB Users are now assigned to predefined DB Roles which are selected according to System Parameter 201 which specifies whether it is a PROD, DEV, or TEST system. Additionally, the EA_PROFILE profile is now applied when a new DB user is created.

This issue was tracked as Item #139885.

Added the Ability to Allow Access Based on Region for DB Users

For the DB Users feature in User Administration Setup, you can now allow different access based on the type of region (DEV, TEST, PROD).
The following code categories have been added: DB_USER_DEV, DB_USER_QA, and DB_USER_PROD. Depending on the type of region, the system will display code values of one of these three categories as allowed roles.

This issue was tracked as Item #140528.

Added the Show Proxy Feature for DB Users in DEV Environments Only

In DB Users, the show Proxy feature (Add Write Permissions/Remove Write Permissions) has been added for DEV environments only. This feature is available only when Sys Item 201 is set to DEV.

This issue was tracked as Item #146503.

Added the Ability for DB Users to Connect as ESTAR or PACE_MASTERDBO

The DB Users feature was enhanced with the ability to connect to the database either as ESTAR or PACE_MASTERDBO user. To allow DB Users to connect with such access, these users have to be granted appropriate permissions in User Administration. To do so, the Add Write Permissions command should be applied in the DB Users window. The Remove Write Permissions command should be used to remove this access.

This issue was tracked as Item #140529.

Added Auditing Capabilities for DB Users

A new system query has been added to audit the DB Users functionality. The new query is called UA Security - DB Users Administration Audit. This query provides the last action that took place for a database user, the date and time stamp, and shows the name of the user who performed the action.

User Security Entitlement Reports - Center Roles
Action RuleDescription
User Security Entitlement Reports - Business GroupsDisplays selected business group(s) details.
User Security Entitlement Reports - PACE RolesDisplays selected PACE role(s) details.
User Security Entitlement Reports - User AccountsDisplays selected user(s) account details.


Retired in V2017

 The following features were retired:

Panel
borderColorsilver

User Manager (Classic)

User Administration was introduced in Eagle v13.1 and enhanced in Eagle 2015. It replaces the legacy User Manager functionality. User Administration is necessary for managing permissions in the Eagle UI. It allows you to manage all Eagle users, PACE roles, business groups and Eagle Center roles. The functionality that existed in the legacy User Manager component is included or updated in User Administration to account for changes in the Eagle UI. The use of legacy User Manager in the Eagle UI could cause issues with your permissions. As a result, Eagle has retired legacy User Manager. It is no longer available in Eagle starting with version 2017.

This issue was tracked as Item #153286.