Users, groups, and roles
Access control is an important part of securing your system. Configuring user access to the Operational Decision Manager applications involves defining users and groups of users, and then mapping them to the predefined roles.
Users
Users represent either people who work with Operational Decision Manager or system users who administer Operational Decision Manager. Users can be distinct members or part of a group. Users or groups are authorized by associating them to roles.
Groups
Groups are collections of users. Administrators can assign all the users within the same group to a role, and by doing so, they do not have to manage users individually.
Roles
Different roles are assigned different levels of security access.
Decision Center roles
Decision Center has the following predefined roles:
| Role | Description | Use |
|---|---|---|
rtsUser |
Standard user | Basic use. |
rtsInstaller |
Installer | Only required for the initial installation of Decision Center. |
rtsConfigManager |
Configuration manager | Has all the rights of the standard user, plus extra rights in the Business console. For example, create and edit deployment configurations. |
rtsAdministrator |
Administrator | Has all the rights of the standard and configuration manager users, plus extra rights in the Business console. For example, enforce security on decision services. |
For more information, see the Decision Center topics Enabling users and groups, Security, and Authentication.
Rule Execution Server roles
| Role | Description | Use |
|---|---|---|
resMonitors |
Monitor | Can view and monitor (read-only) decision services in the Rule Execution Server console. |
resDeployers |
Deployer | In addition to monitoring rights, can, for example, deploy decision services. |
resAdministrators |
Administrator | Full control in the Rule Execution Server console and on deployed resources. |
For more information, see Rule Execution Server console and user roles. For information about how to bind groups of your user registry to the roles, see Deploying the Rule Execution Server management archive.
Default credentials
Operational Decision Manager is delivered with default credentials that are created for testing purposes. Default passwords should be changed immediately to strong passwords or removed.