Planning your environment to manage users

Plan your environment to manage users, roles, and teams according to the IBM RPA offering and authentication method you use.

The role-based access control (RBAC) applies to the following IBM RPA offerings:

  • IBM RPA on premises
  • IBM RPA on Red Hat® OpenShift® Container Platform
  • IBM RPA SaaS

These offerings enable you to manage users, roles, and teams in your IBM RPA environment in a way that adapt to and meet user requirements. The need for configuration depends on what kind of authentication you use in your IBM RPA environment: default authentication or single sign-on (SSO) authentication.

Default authentication

Default authentication is available for IBM RPA SaaS and IBM RPA on premises offerings only.

To create and manage custom teams, custom roles, and users through IBM RPA Control Center, install or update the IBM RPA to 21.0.2 or higher. For more information, see Understanding roles and teams.

Single sign-on authentication

Single sign-on (SSO) is available for IBM RPA on premises and IBM RPA on Red Hat® OpenShift® Container Platform offerings only.

IBM RPA on Red Hat® OpenShift® Container Platform
To create and manage custom IBM RPA teams and custom roles, and import LDAP users and groups through IBM RPA Control Center, install or update the IBM RPA operator to 1.2.0 or higher. For more information, see Understanding roles and teams.

Remember:
  • You no longer need to specify the groupMappings section in the IBM RPA custom resource to provide user and groups because the operator configures it automatically.
  • You use the same user who is configured to access the Red Hat® OpenShift® Container Plarform Platform UI to access IBM RPA Control Center.

IBM RPA on premises
To create and manage custom IBM RPA teams and custom roles, and import LDAP users and groups through IBM RPA Control Center, install or update the IBM RPA to 21.0.2 or higher. Also, you need to configure UMS to connect with your LDAP server. IBM RPA provides a configuration file for UMS that contains LDAP connection information.

  1. Create and configure the UMS database during the RPA server installation. For more information, see Preparing the environment and Set up the databases.
  2. Change the UMS configuration file to connect with an LDAP server. This file points to OpenLDAP by default.
  3. Import your LDAP users and teams. For more information, see Understanding roles and teams.