Generally, you perform the following steps in order when setting-up Serena Release Automation security:
Create Roles.
Create roles and define permissions for the various product areas (see Creating and Editing Roles). For most evaluations, the default roles should be adequate.
Use the UI security area to quickly assign access permissions to the different areas of Serena Release Automation.
Use the system security area to assign usage permissions, including the ability to define security for other users.
Authorization Realms.
Authorization realms are used by authentication realms to associate users with groups and to determine user access (see Authorization Realms). Serena Release Automation includes both an internal database for storing security information as well as integration with the Lightweight Directory Access Protocol (LDAP). LDAP is a widely-used protocol for accessing distributed directory information over IP networks. If you are implementing a production version of Serena Release Automation, the LDAP integration is recommended. If you are evaluating Serena Release Automation, it is not necessary to set up the LDAP integration—full security is configured and enforced by the server.
Create Groups and Define Default Permissions.
Determine default permissions by product area. Global default permissions can be granted.
Create Authentication Realm.
The authentication realm is used to determine a user's identity within an authorization realm. If more than on realm has been configured, user authentication is determined following the hierarchy of realms defined on the Authentication pane. When a user attempts to log in, all realms are polled for matching credentials.
Add Users.
Add users to an authentication realm, then assign them to groups and roles. If your are using LDAP, you can import users and map them to the security system.