Show TOC

Creating Externally-Authenticated Repository UsersLocate this document in the navigation structure

If you have connected the repository to an LDAP server and selected the Auto-create user accounts in repository option or have enabled single sign-on, any users with valid accounts in your organization can, by default, connect to and browse the repository using PowerDesigner Web. You can modify this default behavior by changing the rights and permissions of the External users group, or provide specific rights and permissions for some users by pre-creating repository user accounts for them.

Context

For example, if you want to allow any user connecting to the repository to create and edit diagrams in the Processes folder and submit them for approval, you would: In many environments, you will want to grant different rights to different groups of users, or provide them with different permissions. For example you may want to allow users to submit changes only for processes in their particular line of business based on sub-folders beneath the Processes folder. In this or other more complicated cases (or if you want to restrict which users can connect to the repository and have not selected the Auto-create user accounts in repository option), you should create accounts for your anticipated users before inviting them to connect.

Procedure

  1. From the homepage, click Start of the navigation path Administration Next navigation step Users End of the navigation path, click the Edit tool and then click the + button to open the new user's property sheet.
  2. Enter the user's corporate account name in the Login name field, select External (LDAP), and click the Check Name button to verify the login name and auto-fill the remaining fields, which are set, with the exception of Comment, to read-only.
    Note You may need to enter your own corporate account name and password to connect to the LDAP server, even if your connection is configured for anonymous binding.
  3. In the Rights panel, select the check boxes corresponding to the rights you want to assign. The following rights are available:
    • Connect - Connect to the repository and view diagrams in PowerDesigner Web.
    • Edit on Web - Create and edit diagrams in PowerDesigner Web.
    • Edit Extensions on Web - Create and edit custom properties in PowerDesigner Web. Gives access to the Administration/Extensions tile.
    • Freeze Versions - (only used with the desktop PowerDesigner client).
    • Lock Versions - (only used with the desktop PowerDesigner client).
    • Manage Branches - (only used with the desktop PowerDesigner client).
    • Manage Configurations - (only used with the desktop PowerDesigner client).
    • Manage All Documents - Perform any action on any document version. Implicitly includes Full permission on all repository documents.
    • Manage Users - Create, modify, and delete repository users and groups, grant them rights, and add them to groups. Gives access to the Administration/Users and Groups tiles.
    • Manage Repository - Create, upgrade, and delete the repository database. Gives access to the Administration/Settings tile.
  4. Click the Groups facet and add the user to any appropriate groups (see Adding Users and Groups to a Group).
    All externally-authenticated users are added to:
    • All users (PUBLIC) groups, from which they inherit, by default, Read permission on all the contents of the repository.
    • External users (EXTERNAL) - from which they inherit, by default, the Connect right.
  5. Click Save to complete the creation of the user.