Users

the users pane allows you to add and manage permissions for your edge device's users relationship of roles, groups, and users manufacturing connect edge incorporates a role based access control (rbac) to customize user permission settings in the form of three distinct components roles each role has a collection of customizable permissions roles are added to groups and determine the permissions groups have see role permissions docid 8bdd mizycbthdcesjhb7 for details groups a group is made up of one or more roles the roles in a group determine the permissions for the group users accounts that will be assigned to groups the one or more groups a user is assigned to determines the roles and permissions the user has working together, a role determines the permission settings a group will have a group will contain one or more roles that determines its permissions a user will be assigned to a group where it will have access to manufacturing connect edge based on the the group's one or more roles important the following properties should be kept in mind when adding/editing roles/groups/users a group can receive more than one role (and their respective permission settings) to a resource a user can be assigned to multiple groups if a user is not assigned to at least one group, they will not be able to log in to manufacturing connect edge in the case of conflicting permission settings as long as there is at least one role or group with permissions to a resource, regardless of how many other roles/groups that don't have it, users will receive that resource default roles, groups, and users by default, the following user management items are provisioned that can't be deleted roles administrator viewer groups administrators viewers user admin the system ensures that at least one user has the appropriate administrative permissions to manage roles, groups, and users default user permissions by default, every user has the permission to accept the manufacturing connect edge end user license (eula) when logging in the first time users can also access their user profile to view their current user permissions and change their password see manage your user profile docid\ c9ogwvhjuhdpsyohzbeqz for details every user also has the view permission for the following components when navigating to the system module in manufacturing connect edge info certificates network remote access device management services external storage policy management license support learn more about role permissions docid 8bdd mizycbthdcesjhb7 backup files and templates all role, group, and user configurations are included in backup files see backup/restore docid\ gyhe k9totaybo64qbklb and backup file contents and file management docid gxnwa1emuwhsku49n8e6 for more information in template files, only authentication providers are included in template configurations if you apply a template to a new edge device, you will need to map ldap groups manually see manage ldap providers docid\ jxjkwjhkdgz48p3qf2ryv for more information legacy user migration for manufacturing connect edge instances on version 3 2 and earlier, there were three possible roles observer, developer, and administrator when you upgrade to version 3 3 or later any administrator role is automatically provisioned to the administrators group with the group's respective permissions observer and developer roles are automatically provisioned to the viewers group with the group's respective permissions access users ui note you must have the appropriate permissions to manage roles, groups, and users by default, the first use r (admin user) provisioned in manufacturing connect edge has these user permissions to access the uers ui log in to manufacturing connect edge from the navigation panel, navigate to system > users the users pane appears the roles tab displays by default you can switch to the groups and users tabs next steps add a role docid\ cljncwpqkwrg1pbgdug k manage roles docid 3gm47vhaoxrxd578y5dal add a group docid\ mtp5bxlmpco40tftktks5 manage groups docid\ c68olpgwl1qncnf s pd add a user docid 5ysybgedtk2lwouc79xgk manage users docid\ qnldl xf1ashl3uzvfhba manage your user profile docid\ c9ogwvhjuhdpsyohzbeqz role permissions docid 8bdd mizycbthdcesjhb7