Intellectual Property
Copyright 2024 Celebrus Technologies plc
https://www.celebrus.com
Protected by patents in the U.S. and Europe:
US10430037, EP2684143, US8365188, EP1997041, US8880710, EP1979840, US8898309, EP1979839
This guide explains how to use the Celebrus Configuration Manager.
1. Introduction
The Configuration Manager is the application through which the system is configured. This configuration is automatically distributed throughout the cluster, without the need for manual intervention.
2. Permissions
The operating system user running the Configuration Manager requires full read/write permissions to its user home directory (or if the user.home system property is not set, then to the docgen folder and all subfolders within the Configuration Manager installation directory).
If that folder has not been created then you can either create it manually or grant the user permissions to the root directory of the Configuration Manager installation directory. This allows it to create the required directory structure for the document conversion service used to automatically create scenario documentation.
The Configuration Manager launches and runs without such permissions but displays an error warning that the document conversion service failed to start.
3. Configuration Manager
The Configuration Manager is a web application. Your vendor or systems administrator provides a URL for the Configuration Manager.
The Configuration Manager changes according to the permissions granted to the user. Hence in typical cases only a subset of the apps are available to a given user.
4. Users and roles
A user is a person granted access to one or more apps in the Configuration Manager. Each app allows users to edit configuration for that application. For example, the Data Loader app configures the Data Loader configuration.
There are a few apps which don’t edit configuration. For example, the Audit Trail app only displays information.
Users are granted permissions through the assignment of one or more roles. A role is a collection of apps which users are permitted to use. A role is typically used to describe the permissions required by people in a particular job in an organisation.
Multiple roles can be assign to a single user, which provides that user the union of the permissions in the assigned roles.
A user is said to have permission X, if one (or more) of their assigned roles gives permission for X.
Access to the system and its functions is controlled through the Users and Roles app within the Configuration Manager.
4.1. Administrator user
The system has a single administrator (super) user. This user’s permissions cannot be restricted in terms of user management, because that could lead to a system which has no users with any access.
4.2. Password recovery
There are no facilities for the administrator to reset a user’s password. Instead the user may request a reset when they forget their credentials, which sends an email to them containing a time limited reset token. Using this token and their user name, a password reset can be performed.
4.3. LDAP support
Lightweight Directory Access Protocol (LDAP) is supported for authentication and part of the authorisation process.
| See the Configuration Server Operations Guide for details of how to configure LDAP. |
4.4. Role management
Celebrus installs with pre-defined roles. You can edit, delete and add your own roles as required. Defining a role is a simple process, requiring its name and the set of Configuration Manager apps to be selected which the role allows read/write access to.
The semantic app allows further control to be specified, specifying which semantic areas can readable and/or writable.
4.5. User management
User management is available only when identity and access management is using the in-built Celebrus identity provider, or when a hybrid approach is being used. If an external identity provider is being used for both authentication and authorisation, the user management function within the Configuration Manager is not available. For further details see the Identity and Access Management User Guide.
Roles can be assigned and removed from users with the permissions of the assigned roles combined shown in the user editor.
The last 100 activities of a user can also be viewed, including login, login failed, forgotten password token issued, and forgotten password reset.