Administer > Application setup > Controlling user access and security

Controlling user access and security

The System Administrator can control user access to Service Manager in the following five ways:

  1. Setting individual access restrictions in operator records

    • Assigning capability words to operators
    • Assigning operators to application profiles
    • Assigning roles to operators
    • Assigning Security Roles to operators for Process Designer enabled modules

    • Assigning operators to assignment groups
    • Assigning operators to security groups
    • Assigning operators to user role descriptions
    • Creating a login profile
    • Modifying field-level rights
    • Enabling application time limits
    • Enabling file attachment restrictions
    • Enabling password requirements
    • Enabling printing restrictions
    • Enabling user session restrictions
  2. Setting access restrictions by tailoring the application layer

    • Creating displayoptions and displayscreens
    • Creating document engine objects, states, and processes
    • Creating formatctrl
    • Creating menus
    • Defining DVD controls
  3. Setting global access restrictions in the System Wide Company record

    • Enabling account expiration times
    • Enabling active integrations to external applications
    • Enabling application time limits
    • Enabling login restrictions
    • Enabling password requirements
  4. Setting global access restrictions to application tables in Mandanten

    • Defining security group access to database tables
    • Filtering records visible to users by security groups
    • Limiting access to records by adding security group restricting queries
  5. Setting global access restrictions in the initialization file:

    • Defining named users and restricting login to these named users only
    • Enabling Secure socket layer (SSL) connections between the server and clients
    • Enabling shared Mandanten file restrictions

In some cases, these five levels of access restrictions describe the same settings. In such cases, Service Manager uses the following precedence to determine what access restrictions apply:

  1. Settings in the initialization file override all other security settings
  2. Tailoring settings override security settings in individual operator records and the System Wide Company Record
  3. Settings in an individual operator records and Mandanten override security settings in the System Wide Company Record
  4. Settings in the System Wide Company Record apply to all operators that have no other security settings

Related topics

Application Setup
Adding users
Creating operator records
Defining named users
Operator passwords
Operator records
Operator templates