On This Page
Configuring Users
The Rule Lifecycle Management App (RLM) App Administrator must complete two overarching tasks related to configuring users:
-
Configure user accounts that RLM will use to integrate with SecureChange and SecureTrack. The user accounts chosen for this configuration must adhere to the guidelines described in this topic.
-
Configure SecureChange accounts for the end-users who will certify rules or otherwise participate in certification activities. Rule Owners must have a SecureChange account to access RLM and certify rules. A SecureTrack account is not required.
This topic introduces details about these users. See Creating Users to learn more about TOS users in general.
Users Required for Configuration
SecureChange Integration
In the Settings () > Setup menu, add credentials for a SecureChange user that RLM uses to make calls to and from the SecureChange database.
This user must have the following permissions, which are included in the default Security Administrator role in SecureChange:
-
View Settings tab and configure Orchestration Suite settings
-
Create change requests and view 'My Requests' tab
-
View Tasks tab and handle tickets
-
View Reports tab and create reports
-
Create and handle tickets on behalf of another user (via API only)
Ticket Requestor
When RLM integrates with SecureChange, it does not relay details about which user certified or decertified the ticket. Instead, RLM opens tickets using a single, predefined Requestor user, which you configure in the Settings () > Setup menu.
-
This user must have the default Requestor role in SecureChange or must have a custom role that includes this permission: Create change requests and view 'My Requests' tab
-
This user could be the same as the user account that RLM uses to access SecureChange.
SecureTrack Integration
RLM must integrate with the SecureTrack database to retrieve rules that require certification.
-
The user that you select in the Settings () > Setup menu must be an Administrator for a single domain setup or Super Administrator for multiple domains.
Default Rule Owner Group
When RLM assigns rules to owners based on the assets or applications used in the rule, there are instances when no relevant owner can be found. In this scenario, RLM assigns the Default Owner group. You define this user in Settings () > Owners and Assets.
This user must have the following permissions, which are included in the default Security Administrator role in SecureChange:
-
View Settings tab and configure Orchestration Suite settings
-
Create change requests and view 'My Requests' tab
-
View Tasks tab and handle tickets
-
View Reports tab and create reports
Create Rule Owner Users in SecureChange
Every Rule Owner who will certify rules must have a user in SecureChange. The role, and corresponding permissions assigned to these users in SecureChange, will affect which screens are visible in RLM. Use the following table to ensure the relevant RLM screens are visible to each user.
Default Role in SecureChange |
Permission in SecureChange |
Corresponding RLM Access |
---|---|---|
Auditor | View Reports tab and create reports |
All Rules Reports Home |
Business Owner | Create change requests and view 'My Requests' tab |
My Queue Pending |
Requestor | Create change requests and view 'My Requests' tab |
My Queue Pending |
Security Administrator | View Settings tab and configure Orchestration Suite settings |
Settings Requests Scan |
Create change requests and view 'My Requests' tab |
My Queue Pending |
|
View Tasks tab and handle tickets | Tickets | |
View Reports tab and create reports |
All Rules Reports Home |
|
System Administrator | View Settings tab and configure Orchestration Suite settings |
Settings Requests Scan |