Installation and Configuration  Security Administration  Setting up Security

Setting up Security

Generally, you perform the following steps in order when setting up Deployment Automation security:

  1. Create Roles

    Create roles and define permissions for the various product areas. For most evaluations, the default roles should be adequate.

    Use the UI security area to quickly assign access permissions to the different areas of the Deployment Automation Web application.

    Use the system security area to assign usage permissions, including the ability to define security for other users.

    See Role Configuration.

  2. Create Authorization Realms and Groups

    Authorization realms are used by authentication realms to associate users with groups and to determine user access. Deployment Automation includes an internal database for storing security information and provides an integration with the Lightweight Directory Access Protocol (LDAP). LDAP is a widely-used protocol for accessing distributed directory information over IP networks. If you are implementing a production version of Deployment Automation, the LDAP integration is recommended. If you are evaluating Deployment Automation, it is not necessary to set up the LDAP integration; full security is configured and enforced by the server.

    See Authorization Realms and Groups.

  3. Define Default Permissions

    Set default permissions by product area. You can set default permissions for all users or by group.

    See Default Permissions.

  4. Create Authentication Realms and Add Users

    The authentication realm is used to determine a user's identity within an authorization realm. Add users to appropriate authentication realms. If your are using LDAP, you can import users and map them to the security system.

    If more than one realm has been configured, user authentication is determined following the hierarchy of realms defined on the Authentication pane. When a user attempts to log in, all realms are polled for matching credentials.

    See Authentication Realms and Users.

  5. Add Users to Groups

    Add members to groups. Users who are members of groups inherit the groups' permissions.

    See Authorization Realms and Groups.

  6. Add Groups and Users to Roles

    To further refine the permissions by role, you can add groups and users to roles.

    For most product areas, you set these in the Security tab for each specific product area and item. System Security and UI Security are set in the Administration > Security options of the same names.

    Note: Environment and component security settings can be set at the direct object level and within the applications to which they are associated.

    For component security, no matter whether you set the security on the component level or application component level, the settings are applied everywhere.

    Environment security settings are handled as follows:

    • Upon initial association with an application, the security that is set for the environment is inherited by the application environment.
    • After an environment is associated with an application, if the security is changed directly on the environment, the setting for the application environment is not affected.
    • If the security is changed for the application environment, the setting at the direct environment level is not affected.

    See Adding Groups and Users to Roles.

Copyright © 2011–2015 Serena Software, Inc. All rights reserved.