In this section:
About User Administration
Users with administrator privileges can access User Administration (pstsec), which is an interface for performing the following tasks:
- Adding or removing users from the database
- Defining user groups
- Granting and managing user and user group permissions
- Connecting to your organization's user directories (see Configuring LDAP)
Accessing the User Administration Module
Open one of the following addresses in your browser to access the User Administration module:
http://<HOST>:8080/pstsec for HTTPhttps://<HOST>:8443/pstsecfor HTTPS
By default, User Administration is configured to run on localhost. The User Administration module will automatically display the Users panel. Log in with user who has administrative access (or is member of EM Administrator group). Only administrators can access the instance of User Administration shipped with License Server.
See Authentication if you want to configure License Server to authenticate against an instance of User Administration deployed to a different machine.
Do not modify the settings in the Groups or User Directories panels.
If you deployed the User Administration module shipped with CTP, you can access User Administration from the Security Configuration page:
- Choose Security Configuration from the administration menu (gear icon).
- Click the Browse User Administration on <host> link.
Default Admin User
The user appointed to manage your Parasoft infrastructure should have administrative permissions assigned at the beginning of the security configuration. Those permissions include the following:
- Basic permissions (
pstsec:basicAccess:true): If defined and set, it provides authorized access to the security module. This permission setting allows the administrator to edit defined users and permission groups. - Administration permissions (
pstsec:administration:true): If defined and set, it enables the administrator editing privileges to modify Users section.
The administrative (admin) user already exists in the database. For security reasons, we recommend assigning administrative permissions to the selected user with a unique password.
Terminology
This section describes user-related terminology:
Permission
Permissions refer to the type of access a user has to a specific functionality. The permission format includes the applicable tool, name of the permission type, and permission value (tool:name:value).
The following example gives a user provision access in CTP:
em:role:provision
Permission applies to both Permission group and User.
Native Permissions
Permissions that have been explicitly granted to a permission group by an administrator.
Inherited Permissions
Permissions that are inherited from a parent permission group.
Permission Group
A permission group represents a set of permissions. Permission groups can contain multiple native permissions and can be children of multiple parent permission groups. You can enable/disable both native and inherited permissions in a group.
User
"User" refers to a regular system user. Each user can have multiple of permissions (native permissions) and can be a member of multiple permission groups.
Inherited user permissions are grouped and reflect the permission group hierarchies. Any permission can be disabled/enabled based on specific needs. Permissions inherited by a user from different permission groups are separated but linked with the individual permissions.
