Users, Roles & Permissions
Users in ARM
Super Administrator
The Super Administrator (or Super Admin) is the person who has the highest permissions of all the admins. This role can create other admins, assign or remove permissions, and perform all other admin activities. Deciding who and how many users you assign as super admin users requires significant consideration because they have the highest level of access and can make changes that affect the entire network.
Super admin permissions are required for the following:
Creating other admins
Installing and configuring agents
Adding users to admin groups
Org Administrators
Org Administrators (or Admins) are users with permission to access the ARM administration dashboard. The Admin can assign multiple roles to an individual admin if their job requires them to perform actions spanning multiple roles. You can share the responsibility of managing your ARM account by assigning administrator roles to other users.
As an administrator for your organization, you can see a list of all the roles and privileges assigned to your users. This information can help you quickly determine a user's level of access to your organization's account.
General Users
General users have access to the ARM application based on the permission assigned by their Org Administrator. They are not allowed to access the Administration dashboard.
Important NoteSuper Admin and the user currently logged in are disabled for ALL actions. They cannot be added, deleted, suspended, activated, deactivated, edited, or their roles delegated to other users.
Create a New User Account
To create a new user account:
Log in to your ARM account.
Hover your mouse over the
Admin
tab and click on theUsers
.Click the
Add User
button.
Fill in the
User Details
and configure theRole Permissions
.Click
Save & Activate
to activate the users orSave Now & Activate Later
to save the user details. They can be activated later from this page.
Your colleague will receive an email inviting them to set their password and log in.
Newly created users are updated in the
Users
tab under theAdmin
module.
Edit a User Account
After you’ve created a user, you can change most of their information and permissions. While you can't edit the Username
and Email
associated with a user, you can change the remaining fields.
Log in to your ARM account.
Go to the
Users
tab. Locate the user to whom you would like to make changes.Click on the
Edit
icon.
Make any desired changes and click on
Save
.
Delete or Suspend a User's Account
If you have user management permissions, you can suspend or delete users. Suspended users can be reactivated; deleted users are permanently removed.
Sign in using an administrator account.
Navigate to
Admin > Users
tab. Locate and select the user you'd like to make changes to.Click on
Delete User
to delete the user account permanently.
You can temporarily block users' access to your organization's services by suspending their accounts. Select the user and click on
Activate/De-activate
button.
Click
OK
to confirm your selection.
Enforce single sign-on (SSO)
You can enable an option to enforce SSO for members of your team. This will make it mandatory for all team members to log in via SSO.
To enforce SSO, you need to enable the SSO login configuration. Go to the My Account
page, and under the SSO Configuration
, select the Disable login with AutoRABIT credentials
checkbox. Click Save
. Your team members will now be forced to log in via SSO only. Even if SSO is enforced, you, as an org administrator, can log in using either standard authentication (username/password) or SSO.
How to override single sign-on (SSO)?
If you, an org admin, want to override the SSO configuration for an individual team member or group of users, you uncheck the Enforce SSO
boxes after selecting the team members from the list.
Note: When the Disable login with AutoRABIT credentials
option is selected, the Enforce SSO
checkboxes are automatically checked for all users.
Export Users
If you have Admin
permissions, you can export a CSV file of all the users currently in your account. The CSV export will contain the following user information:
First Name
First Name
Last Name
Last Name
Status
User status - active or deactivated
Email
Email address
Login Name
Login Username
Role
Assigned role
Job Title
Job title
Last Login Date
Last login date and time
Created Date
Date when the account was created
Created By
The user who created the account
Last Modified Date
Date when the account was last modified
Last Modified By
The user who modified the account most recently
Login Type
Login type: Standard or SSO
Last Login IP
The IP address of the user at the time of the last login
Last Login Lat/Long
Geographical coordinates of the user at the time of the last login
Last Login Location
City, state, and country of the user at the time of the last login
Last Login Browser
The user's browser at the time of the last login
Deactivated Date
Date when the account was deactivated (if applicable)
Deactivated By
The user who deactivated the user account
Important Note: When a user logs in to ARM, the browser pop-up message will ask permission to access the location details. If you allow permission, the location details will be retrieved through your browser, but if you deny permission, the location details will be retrieved through your IP Address.
To export all user's details in CSV:
On the
Users
screen, in the upper right, clickExport All Users
.
The fields you can export will be displayed on the next screen. Click the
Export
button after choosing the fields you want to export as CSV.
Fields like
First Name
,Last Name
,Status
,Email
, andLogin Name
are automatically selected by default when a CSV file is exported. If necessary, you can exclude them from being exported.Your export will begin processing, and the CSV file will be downloaded on your local machine.
Export Data Limitations
The parameters in the CSV for previously registered users (older than 60 days) will be slightly different:
CreatedDate = OrgCreatedDate
CreatedByName = registered user of the org
LastModifiedDate, LastModifiedByName, Deactivated Date, and Deactivate by fields will be null
As expected, the exported CSV file will contain the newest parameter data and changes for newly registered users.
Creating and Editing Roles
You must assign at least one role to each user, with specific permissions granted to each role. If a user has multiple roles, the role with the most significant permissions trumps any others assigned.
Hover your mouse over the
Admin
tab and click theRoles
option.
Click on the
Create Role
button.
On the next screen, enter a
Role Name
andDescription
for the role. On thePermissions
tab, select the checkboxes to assign the roles you want users to have.
Click
Save
.
Important Note:
The Admin has the maximum permissions and cannot be edited or renamed.
The permissions you select determine which dashboard controls are in the Admin console and what settings the user can manage.
User Permission
This section summarizes the permissions assigned to the user. It allows them to view the type of access and actions they can perform in ARM. For example, users with the View Setup and Configuration
permission can view Setup pages, and users with the API Enabled
permission can access any Salesforce API.
To assign users to a role and permission, use the following steps:
From the ARM home page, click and go to the
Permissions
tab.
Select at least two users you like to assign permissions from the user's list view.
Click on
Bulk Assignment
.
Note: The user(s) with the Admin role is not displayed on the Permission page.
On the next screen, select the
roles
to be assigned and select the module(s) you would like to add to these users.Click
Save
.You can click the user's name to open the user's record in detail view from the
User Permission
page.
Last updated