There are three user roles available in Toad Intelligence Central: Standard user, Power user, and Administrator. During installation of the Toad Intelligence Central server, the Toad Intelligence Central Administrator (root) user account is created. This account has access to all administrative privileges.
The root Administrator account (or any account with the Administrator role) can grant/edit the role for another user account. This can be done when creating a new account or when editing an existing account.
Review the following role descriptions.
Review the following privileges for each role. In particular, all actions performed through the Administration | Server section of the Web Console are available only to users with the Administrator role.
The following table lists the user management privileges that are provided by each role. See Manage Users and Groups for more information.
Privilege/Action | Administrator | Power user | Standard user |
---|---|---|---|
Add users. This privilege is configuration dependent. See Configure New User Registration. | Y | configuration dependent | configuration dependent |
Add groups. This privilege is configuration dependent. See Misc Administrator Activities. | Y | configuration dependent | configuration dependent |
View users and groups | Y | Y | Y |
Change a user's role to Administrator, Power user, or Standard user. See Manage Users and Groups. | Y | N | N |
Change a user's email subscriptions. See Specify User Email Subscriptions. | Y | user's profile only | user's profile only |
Disable/enable a user | Y | N | N |
Remove a user | Y | N | N |
Edit Intelligence Central users | any user | user's profile only | user's profile only |
Reset the password of Intelligence Central users | any Intelligence Central user | user's password only | user's password only |
Create Intelligence Central groups | Y | Y | Y |
Edit/remove Intelligence Central group | any group | groups owned by user | groups owned by user |
Remove an Active Directory group | Y | N | N |
Synchronize Active Directory | Y | N | N |
The following table lists the object management privileges that are provided by each role.
Privilege/Action | Administrator | Power user | Standard user |
---|---|---|---|
Publish objects (non-secured folder) | Y | Y | Y |
Publish objects to a secured folder | Y | folders for which user has publish privilege | folders for which user has publish privilege |
View objects on Home page and view object details | all objects | objects shared with the user | objects shared with the user |
View a secured folder and its contents | Y | folders shared with the user | folders shared with the user |
(View or snapshot) Display the text for the underlying query | Y | objects managed by the user | objects managed by the user |
(Automation script) Display the detailed execution logs | Y | objects managed by the user | objects managed by the user |
Edit an object, grant/revoke access rights to the object, lock the object, delete the object, rename the object | all objects | objects managed by the user | objects managed by the user |
Move an object | all objects | objects managed by the user | objects managed by the user |
Move a non-secured folder and its contents | Y | folders in which all objects are owned by or managed by the user | folders in which all objects are owned by or managed by the user |
Move a secured folder and its contents | Y | folders managed by the user | folders managed by the user |
Create a secured folder. This privilege is configuration dependent. See Configure Server for Folder Security. | configuration dependent | configuration dependent | configuration dependent |
Delete a folder | Y | folders in which all objects are managed by the user | folders in which all objects are managed by the user |
Modify authentication key for an object | Y | objects managed by the user | objects managed by the user |
(View or Automation script) Edit the default value for a variable | Y | objects managed by the user | objects managed by the user |
(Automation script) Change script run account | Y | objects managed by the user | objects managed by the user |
Force consumers to take a shared object published or managed by the user | Y | Y | N |
In addition to granting object manage privileges by user role, manage privileges to an object are also granted based on the user's relationship to the object, for example, the object's publisher. For more information about privileges based on object relationship, see Manager Privileges.
Only a user with the Administrator role can view and access the Server page (Administration | Server) in the Web Console. The Server page contains the following miscellaneous features:
Privilege/Action | Administrator | Power user | Standard user |
---|---|---|---|
View/access Administration | Server |
Y | N | N |
The following table lists the licensing privileges provided by each role. See License Toad Intelligence Central for more information.
Privilege/Action | Administrator | Power user | Standard user |
---|---|---|---|
View licenses | Y | Y | Y |
Enter new licenses | Y | Y | Y |
Delete licenses | Y | N | N |
The root Administrator account (or any account with the Administrator role) can place some restrictions on how new users are registered and how accounts are created in Intelligence Central.
By default anyone can self-register and add users to Toad Intelligence Central. Any user with an Administrator role can disable self-registration.
To enable/disable add users and self-registration
In the New User Registration section, select one of the following options.
Only the Administrator can add users | Select this option to allow only users with an Administrator role to add users to Intelligence Central. |
Anyone can self-register and add users |
Select this option to allow anyone to self-register and add users. A pre-existing account on Toad Intelligence Central will not be required when self-registering.
|
For more information about Administrator privileges, see User Roles.
You can specify a default user role for all new accounts. The default role is applied when a new user account is created. Only Administrators can specify a default user role. Administrators can then change the new account's role later.
To specify default user role
You can require that new accounts use only Active Directory credentials.
To restrict new accounts to Active Directory users
By default anyone can create group, and any user with Administrator role can update this rule.
To specify default user role who can create group
When a domain in the Active Directory® forest is synchronized with Intelligence Central, changes to users and groups in the domain are replicated on Intelligence Central. Any user with an Administrator role (User Roles) can manage synchronizing Toad Intelligence Central with Active Directory.
From a web browser login to Intelligence Central as a user with an Administrator role. Click Administration | Server | Settings.
Table 1: Domains in the Active Directory forest synchronized with Toad Intelligence Central
Field / Action | Description |
---|---|
Last synchronized |
Show the time the domain was last synchronized with Toad Intelligence Central. If the last attempt was unsuccessful then the error is reported in red. |
Edit |
Click to edit the schedule or to show/change the username and password used to connect to the domain. This username/password pair is used to synchronize Toad Intelligence Central with Active Directory. The credentials are saved on Toad Intelligence Central. |
Remove |
Click to remove the domain from this list. The users and groups added from this domain will remain on Toad Intelligence Central, but will not be synchronized again. The Active Directory credentials saved on Toad Intelligence Central are removed. |
Synch Now |
Click to synchronize Toad Intelligence Central with the domain now. Note that if a Synchronization operation is already in progress then Toad Intelligence Central must wait till that is finished before it can synchronize again. |
Changes to users and groups in Active Directory are replicated on Intelligence Central according to the following rules.
Table 2: Synchronization rules
Active Directory | Toad Intelligence Central |
---|---|
User details updated | Update the user details from Active Directory (name and email address). |
User disabled | Disable the user in Intelligence Central |
User deleted |
Delete the user from Intelligence Central if the user is inactive. Inactive users have no published objects, no objects shared with them as an individual and are part of no other group. Otherwise, disable the user in Intelligence Central. This is to ensure that if the user owns any objects that they will be kept. |
User renamed | Delete or disable the old user in Intelligence Central (as above). A new user account is not automatically created in Toad Intelligence Central. |
User enabled | Enable the user in Intelligence Central. |
Group details updated | Update the group details in Intelligence Central (name and description). |
Group deleted | Remove the group from Intelligence Central. Users in the group who are inactive on Toad Intelligence Central are automatically deleted. Inactive users are users who have no published objects, no objects shared with them and are part of no other group. |
Group membership updated (User added to the group) | Add the user to the group in Intelligence Central. Create a the new Intelligence Central user account if the user does not already have one. |
Group membership updated (User removed from the group) | Remove the user from the group in Intelligence Central. Delete the user if the user is inactive. Inactive users have no published objects, no objects shared with them as an individual and are part of no other group. |
Intelligence Central can send activity reports and error alerts to users for objects they own or manage. A user with the Administrator role can receive an additional report—the Daily or Weekly Digest—that summarizes activities relevant to the Administrator role.
Email notifications can be enabled or configured on three different levels.
There are four types of email notifications.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Termini di utilizzo Privacy Cookie Preference Center