Define the ARM user roles

User roles are categories assigned to users based on their job title or function. Roles allow you to define the level of access and functionality within ARM.

After you add new ARM users and define the user roles, you can assign the roles to your ARM users.

Role types

ARM provides the following user role types (from left to right, as shown below):

Two Administrator roles
Five Change roles
One Read only role
One Manager role
One Requester role

You cannot add additional roles. You can edit an existing role name by clicking the pen icon and entering a new role name.

The Manager Role cannot be assigned by ARM user management. This role is controlled by the Manager attribute in AD.

The Administrator role can access User Management. The Junior Administrator role does not have the permissions to access User Management.

Role functions

Use the check box matrix to determine which role can use specific views and functions. Unlicensed views and features are grayed out (legacy 8MAN licensing model only).

Search for a role by action

Enter a term in the search field to filter and locate a role based on action.

Certain functions require specific access and views. For example, the "reset user password" functionality requires the Accounts or Resource view.

All changes take effect immediately without requiring users to log in again.

Simplified rights management

Using simplified rights management, certain details are hidden to simplify operation. This option is suitable for non-technical data owners.

Simplified rights management limitations

The Group Wizard creates groups and members. This wizard must be activated when using simplified user management. You can enable this option with the Group Wizard deactivated, but this process will generate an error.

The Apply to All option is not available in the Group Wizard. As a result, existing direct access rights cannot be turned into group memberships.

The detailed list of planned changes is hidden.