Granting Users/User Groups Privileges to Functions
On this page you grant rights to functions.
Activate the checkboxes of the functions you want to grant.
|
Activate this checkbox ... |
... to allow the user to |
|---|---|
| Access to Explorer Folders | |
|
Access to <No Folder> |
Open the <No Folder> folder. Restored and transported objects are available here. Having the right to <No Folder> gives users access to those objects. |
|
Access to recycle bin |
Access the Recycle Bin. Deleted objects are available here. Having this right allows users to restore deleted objects. Restored objects are then available in the <No Folder> folder. |
|
Access to transport case |
Access to the Transport case. Users with this privilege can open objects that should be transported to a different client or system. They can also delete objects from the Transport Case. |
|
Access to Version Management |
Access the Version Management folder and open (in read-only mode), restore and delete saved object versions. Execution data and reports are also available in this folder. |
| Administration | |
|
Change system status (STOP/GO) |
Change the status of the system and interrupt automatic processing. |
|
Create diagnostic information |
Set the trace options and display the Quarantine page and its contents in the Administration perspective. |
| Execute system upgrades | Perform system upgrades. |
| FileEvents: Start without Login object specified |
Start FileSystem Events without using a Login object, that is, without entering specific user credentials. Granting or refusing this privilege affects the execution of FileSystem Events where the definition of a Login object is optional. |
|
FileTransfer: Start without Login object specified |
Start file transfers without using a Login object, that is, without entering specific user credentials. The Agent uses the credentials of the user who started it. Whether the Agent is allowed to process file transfers without Login object is specified in the UC_HOSTCHAR_DEFAULT variable, key ANONYMOUS_FT, see UC_HOSTCHAR_DEFAULT - Host Characteristics. |
| ILM actions | Access to the ILM pages (Partitions and History)and rights to configure ILM. |
| Manage favorites on user group level |
Configure the User Catalog. The user can configure User Groups and add them to the User Catalog folder in the Process Assembly perspective. This way, the users included in a User Group will have rights to the objects to which the User Group gives access. These objects are the available in their My Catalog dashboard. See Configuring the User Catalog. |
|
SAP Criteria Manager |
Access to the SAP Criteria Manager via the Form page of SAP jobs. |
| AWI Access Control | |
| Access to Administration | Access to the Administration Perspective. |
| Access to Analytics | Access to Analytics. |
| Access to Analytics for all clients | Access to Analytics for all clients. |
| Access to Dashboards | Access the Dashboard. |
| Access to Messages | Access to messages. |
| Access to Process Assembly | Access to the Process Assembly perspective. |
| Access to Process Monitoring | Access to the Process Monitoring perspective. |
| Access to My Catalog | Access to the My Catalog. |
| Advanced Editing | |
| Create and modify Backend variables |
Create and edit BACKEND Variables . Users who do not have this privilege can open these variables only in read-only mode. |
| Create and modify SQL-Internal variables |
Create and modify SQL variables, both Secure and Internal (see SEC_SQL Variables and SEC_SQLI Variables) Pre-requisite The value in SQLVAR_INTERNAL must be YES (see UC_SYSTEM_SETTINGS - System-Wide Settings . If this privilege is not available, the variable type SQLI is not available for selection when creating variables. Internal SQL variables always open in read-only mode. |
|
Object properties: allow manually reset of 'Edit Hint' |
If a user opens an object for editing, the object is marked. If a program interruption occurs during the editing process, the object keeps this tag even if the Automic Web Interface is restarted. Privileged users can remove this tag. |
| View Messages | |
| Dump memory trace | See the Force memory trace dump button on the Messages and Request pane. |
|
View all messages from accorded client |
See all messages that are addressed to the client in which the user is defined. |
|
View messages from own user group |
See all messages that are addressed to the User Group of which the user is a member. |
|
View messages to administrators |
See messages that are addressed to administrators. They are not assigned to any specific user or client and inform about system-wide actions (such as a Server start). |
|
View security messages |
See security messages. These messages are not assigned to a specific user. They are created through the access check of the Authorization System. |
| Access Control | |
|
Access to Auto Forecast |
Access to the Auto Forecast function (automatic calculation of forecast data for tasks that will run within a specified period of time). See AutoForecast. |
|
Access to deactivated tasks |
Filter for deactivated tasks. |
|
Access to Administration |
Open the Administration Perspective, which provides access to system and security information and functions. |
|
Deal with authorizations at object level |
Specify or change exclusive access rights to objects. This right should be combined with write access (W) to the object. This is define at object level, see Managing Authorizations at Object Level. |
| Logon via CallAPI | Access the Automation Engine system via the Call Interface. This allows users to start tasks from within their own programs or via the utility. |
|
Modify the status of a task manually |
Change the status of tasks. The system does not check if the new status is a logical status. If status >= 1800 is set, the task ends. |
|
Take Over Task |
Tasks run under the user who has started them. For a different user than the owner user to be able to assume a task, he/she must have this privilege. The corresponding command is then displayed in the context menu. See Taking Over the Ownership of a Task. |
|
View server usage of all clients |
View the server process workload in the individual clients. |
See also: