My account Book a demo

User management

Mac Lewandowski - Dataedo Team Mac Lewandowski 6th April, 2022
Applies to: Dataedo 10.x versions, Article available also for: 23.x (current)
You are looking at documentation for an older release.
Switch to the documentation for Dataedo 23.x (current).

The following article describes in details users, groups, roles, and permissions management in Dataedo Web Catalog.

Users

In Dataedo Web Catalog, you can easily add, edit or remove users. Head over to users management view. In the table, you will see all users who already have access to your Web Catalog.

Users

Adding a user

To add a user you need to provide their Login and Display name.

Adding

Please note, that Dataedo Web Catalog will not ask for a user password at any step, as user authentication can be done only with separate systems. Find out more about the login flow in the Accessing Web Catalog article.

Managing a user

After creation, you can go into user details.

Details

There are two tabs inside. The first one, allows you to edit basic details and the second is about Permissions. More on Permissions in later sections in this article.

Deleting a user

Deleting a user requires confirmation in the popup.

Deleting

When a user is deleted, his name is anonymized, but information about the user persists in the database, so content created by the user (like comments) will be still available.

Deleted users can no longer log in. Since user deleting is soft-delete process, you can reverse it through altering deleted column in dbo.licenses table.

Restoring a user

Starting from Dataedo 10.3.2 restoration is available through Users management.

Image title

In older versions you can use the following command to restore a deleted user:

UPDATE [dbo].[licenses]
    SET [email] = 'user@email.address' --Email address used for notifications
    ,[name] = 'Display Name' --Name displayed on comments created in Web Catalog
    ,[deleted] = 'false' --do not change this value
    WHERE [login] = 'login'; --Login used to access (SQL login, AD name (including domain), or email address if using SAML

Using two accounts

When the same person is working both with Dataedo Desktop and Dataedo Web Catalog it is possible that they will have two separate user accounts. For instance, Online Account for Dataedo Desktop and OKTA account for Dataedo Web Catalog.

Groups

Groups should mirror company structure and are meant to make permissions management easier. Instead of assigning the "Editor" Role to users one by one, we recommend you group all editors into one group and assign permissions to it.

Adding a group

You can add a new group or edit existing from the group listing.

Groups

Managing a group

After creation, you can open group details, to edit basic settings like the name of whether the group is the default. You can also assign permissions to the group. More on permissions in later sections in this article. You can also use the users' tab in the Group management, to quickly assign Users to the Group.

Managing

Default group

Users can be created manually, or automatically upon first login attempt to the Web Catalog - explained in this article. Default group setting specifies if the group should be assigned to all new users.

During user creation, the user is automatically assigned to all default groups.

Deleting a group

Deleting the group requires confirmation in the popup.

Deleting Group

When you confirm:

  • all users are unassigned from a group (all users are losing permissions inherited from this group),
  • the group with all its settings is irreversibly deleted.

Roles

A role is named a set of actions, that one can perform. Roles in the system should mirror real-life responsibilities, like "External viewers" or "Data Stewards".

We are adding a few predefined Roles to the list, but you can manage all of them.

Roles

Managing a role

Managing a role is setting what actions are included in it. A complete list of actions with scope explanation is available in Actions in Dataedo Web Catalog article.

Editing a Role

Deleting a role

When a role is deleted, all permissions based on that Role are removed from the system.

Permissions

Permission is a role assigned to someone (User or Group) in some context (Repository or Database).

Examples of permissions are:

  • John Doe has an Admin role in SQL Server DB 1.
  • Analysts Group has an Editor role in Oracle Documentation.
  • Viewers Groups have a Viewer role for the whole Repository.

Assigning permissions

You can give permissions both to users and groups, through a very similar UI. On top of the screen, you are defining repository roles (global in other words). Below you are defining roles for a specific data source (database or Business Glossary).

Permissions

Inheriting permissions

Users inherit all permissions from all Groups they are in.

In other words, user permissions are a summary of all his personal permissions and permissions inherited from his groups. You can audit a summary of all permissions through users' details.

Auditing database

You can check permissions from a data source perspective. Open permissions tab from the database page to view all users with their access levels.

Permissions summary

Contact support Report issue
Found issue with this article? Comment below
Comments are only visible when the visitor has consented to statistics cookies. To see and add comments please accept statistics cookies.
0
There are no comments. Click here to write the first comment.