Documentation forAccess Rights Manager

Add ARM users

In the Configuration application, click the User Management tile to add new ARM users.

About Users and Role Management

The Users and Role Management window allows you to create and configure user accounts that can log in to ARM and use specific features that you set up for each account.

After you activate User Management, you can search for users and groups—including built-in groups—under Available accounts using Active Directory. When you complete the search, drag a user or group to the right column (List of accounts which can use ARM). This process grants the user or group access to ARM.

By default, when User Management is disabled, new users are automatically added to the ARM user list or activated when they log in to ARM.

New ARM users have Read permissions by default. After you define your ARM user roles, you can assign a role to each user account in the right column. Each role defines the actions a user can perform in ARM.

Add a new user

  1. Start the Configuration application.

  2. Click User Management.

  3. In the User and Role Management window, click the link at the top of the window to switch to Role Management.

  4. Under Available accounts, select Users or Groups to locate a user or group, respectively. You can also select both options to narrow your search

  5. In the search field, enter the path to the user or group you want to locate, and then click the search icon. Your results display under the Name heading.

    When you add a new ARM user, the application triggers a live request to AD. Performing an AD scan prior to adding a user is not required.

    If you enter a domain (for example: domain2\another.user), ARM searches this domain.

    If you do not enter a prefixed domain in the search field, ARM locates and reads the domain that hosts the originating credentials.

  6. Locate the targeted user in the list.

  7. Drag the new user to the right column. You can also double-click the user.

    When you assign a user to a change role—for example, Data Owner—the user initially has no access to resources and can only see their own account in ARM. If you want to grant additional user access, see Data Owner configuration and GrantMA for instructions.

Using groups as ARM users

You can use AD groups as ARM users. This process is identical to adding an ARM user, but can vary based on nested groups and the hierarchy of role assignments.

Nested groups

If you need to resolve nested group memberships, see Configure ARM for the use of nested groups in the ARM user management located on the SolarWinds Support website. This article provides instructions on how to configure ARM to resolve nested groups during the ARM log in.

Using complex group structures will significantly increase the log in time.

Hierarchy of role assignments

By using groups, you can assign several roles to a user. In this configuration, the log in mechanism verifies the role columns from left to right and selects the first match. There is no combination of roles.