Users, Roles & Permissions
Users in ARM
Super Administrator
The Super Administrator (or Super Admin) is the person who has the highest permissions of all the admins. This role can create other admins, assign or remove permissions, and perform all other admin activities. Deciding who and how many users you assign as super admin users requires significant consideration because they have the highest level of access and can make changes that affect the entire network.
Super admin permissions are required for the following:
Creating other admins
Installing and configuring agents
Adding users to admin groups
Org Administrators
Org Administrators (or Admins) are users with permission to access the ARM administration dashboard. The Admin can assign multiple roles to an individual admin if their job requires them to perform actions spanning multiple roles. You can share the responsibility of managing your ARM account by assigning administrator roles to other users.
As an administrator for your organization, you can see a list of all the roles and privileges assigned to your users. This information can help you quickly determine a user's level of access to your organization's account.
General Users
General users have access to the ARM application based on the permission assigned by their Org Administrator. They are not allowed to access the Administration dashboard.
Important NoteSuper Admin and the user currently logged in are disabled for ALL actions. They cannot be added, deleted, suspended, activated, deactivated, edited, or their roles delegated to other users.
Create a New User Account
To create a new user account:
Log in to your ARM account.
Hover your mouse over the
Admintab and click on theUsers.Click the
Add Userbutton.Fill in the
User Detailsand configure theRole Permissions.Click
Save & Activateto activate the users orSave Now & Activate Laterto save the user details. They can be activated later from this page.Your colleague will receive an email inviting them to set their password and log in.
Newly created users are updated in the
Userstab under theAdminmodule.
Edit a User Account
After youâve created a user, you can change most of their information and permissions. While you can't edit the Username and Email associated with a user, you can change the remaining fields.
Log in to your ARM account.
Go to the
Userstab. Locate the user to whom you would like to make changes.Click on the
Editicon.Make any desired changes and click on
Save.
Delete or Suspend a User's Account
If you have user management permissions, you can suspend or delete users. Suspended users can be reactivated; deleted users are permanently removed.
Sign in using an administrator account.
Navigate to
Admin > Userstab. Locate and select the user you'd like to make changes to.Click on
Delete Userto delete the user account permanently.You can temporarily block users' access to your organization's services by suspending their accounts. Select the user and click on
Activate/De-activatebutton.Click
OKto confirm your selection.
Enforce single sign-on (SSO)
You can enable an option to enforce SSO for members of your team. This will make it mandatory for all team members to log in via SSO.
To enforce SSO, you need to enable the SSO login configuration. Go to the My Account page, and under the SSO Configuration, select the Disable login with AutoRABIT credentials checkbox. Click Save. Your team members will now be forced to log in via SSO only. Even if SSO is enforced, you, as an org administrator, can log in using either standard authentication (username/password) or SSO.
How to override single sign-on (SSO)?
If you, an org admin, want to override the SSO configuration for an individual team member or group of users, you uncheck the Enforce SSO boxes after selecting the team members from the list.
Note: When the Disable login with AutoRABIT credentials option is selected, the Enforce SSO checkboxes are automatically checked for all users.
Export Users
If you have Admin permissions, you can export a CSV file of all the users currently in your account. The CSV export will contain the following user information:
| Fields | Description |
|---|---|
| First Name |
| Last Name |
| User status - active or deactivated |
| Email address |
| Login Username |
| Assigned role |
| Job title |
| Last login date and time |
| Date when the account was created |
| The user who created the account |
| Date when the account was last modified |
| The user who modified the account most recently |
| Login type: Standard or SSO |
| The IP address of the user at the time of the last login |
| Geographical coordinates of the user at the time of the last login |
| City, state, and country of the user at the time of the last login |
| The user's browser at the time of the last login |
| Date when the account was deactivated (if applicable) |
| The user who deactivated the user account |
Important NoteWhen a user logs in to ARM, the browser pop-up message will ask permission to access the location details. If you allow permission, the location details will be retrieved through your browser, but if you deny permission, the location details will be retrieved through your IP Address.
To export all user's details in CSV:
On the
Usersscreen, in the upper right, clickExport All Users.The fields you can export will be displayed on the next screen. Click the
Exportbutton after choosing the fields you want to export as CSV.
Fields like
First Name,Last Name,Status,Email, andLogin Nameare automatically selected by default when a CSV file is exported. If necessary, you can exclude them from being exported.Your export will begin processing, and the CSV file will be downloaded on your local machine.
Export Data Limitations:The parameters in the CSV for previously registered users (older than 60 days) will be slightly different:
CreatedDate= OrgCreatedDate
CreatedByName = registered user of the org
LastModifiedDate, LastModifiedByName, Deactivated Date, and Deactivate by fields will be null
As expected, the exported CSV file will contain the newest parameter data and changes for newly registered users.
Creating and Editing Roles
You must assign at least one role to each user, with specific permissions granted to each role. If a user has multiple roles, the role with the most significant permissions trumps any others assigned.
Hover your mouse over the
Admintab and click theRolesoption.Click on the
Create Rolebutton.On the next screen, enter a
Role NameandDescriptionfor the role. On thePermissionstab, select the checkboxes to assign the roles you want users to have.Click
Save.
Important Note:
The Admin has the maximum permissions and cannot be edited or renamed.
The permissions you select determine which dashboard controls are in the Admin console and what settings the user can manage.
User Permission
This section summarizes the permissions assigned to the user. It allows them to view the type of access and actions they can perform in ARM. For example, users with the View Setup and Configuration permission can view Setup pages, and users with the API Enabled permission can access any Salesforce API.
To assign users to a role and permission, use the following steps:
From the ARM home page, click and go to the
Permissionstab.Select at least two users you like to assign permissions from the user's list view.
Click on
Bulk Assignment.
Important Note:
The user(s) with the Admin role is not displayed on the Permission page.
On the next screen, select the
rolesto be assigned and select the module(s) you would like to add to these users.Click
Save.You can click the user's name to open the user's record in detail view from the
User Permissionpage.
Last updated
