Defining users
When you define users, consider which users need access to the Collaboration Server system and which users can wait or have their needs addressed in other ways.
You must limit the number of users of the Collaboration Server system. You must provide access to only those who will benefit the most from the features of the Collaboration Server system during the initial phases of implementing the Collaboration Server system. In later phases, because the Collaboration Server system hosts more data and business processes, you can add more users to the Collaboration Server system. The developers can concentrate on answering the needs of a smaller group of users at a time and the client can manage change efficiently.
- Users with higher interaction with Collaboration Server
- These are the users that have a reasonable amount activity in the Collaboration Server system. They might participate in the workflows and add, delete, and modify referential data in the Collaboration Server system on a regular basis.
- Users with lower interaction with Collaboration Server
- These users mostly query information with little or no editing authorization.
- If the users with lower interaction with Collaboration Server log into the PIM system to search for the same information, on a regular basis, then it is better to send out a report to these users instead of giving them access to the Collaboration Server system. For example, if a group of users are interested only in the products that have gone live in the last week, then a report can be sent to this group instead of allowing the group to have access to the Collaboration Server system to query this information. This approach will reduce the burden on the Collaboration Server system. If there are 50 users that might search this information, instead of querying the Collaboration Server system 50 times, you can send a report that can run at a relatively down time.
- If the information that the users with lower interaction with Collaboration Server is interested in is also available in another module such as the Merchandising system, then redirect the user to the Merchandising system.
- If a system requires an extensive number of users to query referential data, integrate with an external search engine, such as Endeca to enhance the Collaboration Server system's search and presentation capabilities. Endeca needs to be purchased and is independent of IBM® InfoSphere® Master Data Management Collaboration Server . Because Endeca has its own database, users with lower interaction with Collaboration Server will query Endeca's database instead of querying the Collaboration Server system. To keep the external database updated, you can create an export from the Collaboration Server system that runs regularly.
Creating users
You must consider the following things when you create a new user:- Tasks performed by the new user.
- Type of access privilege required.
Roles
To provide different access privileges to different users, you must define different roles preceded by the company name (company_role name). For example, you can define roles such as Acme_Admin, Acme_basic, and Acme_content_author preceded by the imaginary company name, Acme:- Acme_Admin
- You can design this role to have all the access privileges. Users in the admin role can control all the other roles in an organization. You cannot edit the <companyname>_admin role.
- Acme_Basic
- You can design this role to have basic access privileges such as view access. You can edit the <companyname>_basic role.
- Acme_Content_author
- You can design this role to have basic access privileges such as add, edit, delete, and view access. You can edit this role.
Managing users
You can group the users in organizations. You can model the organizations as either external (customers or business partners) or internal entities that are separate business units within the company. You can use organizations to separate all suppliers or business units. You can create an organization spec to track the business unit information.- After a user is created, you cannot delete the user.
- Do not recycle user names. Although you can update role, locale, and personal settings assignments easily, the automatic audit trails of the Collaboration Server system will make tracing difficult. For example, a user with a user name Smith quits the company in January. In March, a new employee is hired and the same user name Smith is given to this new user. It will be difficult to trace the changes that are made in the Collaboration Server system by these two employees who were using the same user name without their employment dates.
Mapping roles to users
Mapping of roles to users is required to inherit the privileges from the roles to the users.Some of the roles are defined by the business processes. For instance, for a New Product Introduction (NPI) process you can define roles for every department that is involved in NPI.
Each user needs to be assigned a minimum of one role in order to have access to objects, but you can assign multiple roles to a single user. However, if the two roles are in conflict with each other (for example, if they have different catalog access privileges), resolving that conflict takes time and typically results in poor page rendering performance typically results.