Creating AtScale Groups
You can create groups in AtScale to assign runtime permissions on cubes to multiple users at a time.
About this task
The majority of AtScale users will need only runtime permissions to query published cubes from client BI software. A smaller subset of users will be the ones who create the projects and the cubes, and an even smaller subset will be the ones who administer the AtScale application. Groups let you grant runtime permissions to the majority of your users in bulk, rather than one user at a time.
In AtScale 7.0.0 and later, you can grant design-time permissions to groups.
You can create groups of locally-authenticated users (users you can manage directly in AtScale and who are authenticated through AtScale's embedded directory service) or externally-authenticated users (users managed through a directory service, such as an LDAP server or Microsoft Active Directory).
Before you begin
- Ensure that your user ID is an administrator for your AtScale organization or is a super user.
- If you are creating groups of locally-authenticated users, ensure that those users are members of the current organization. Select Security, click Users. If you don't see the users that you want to add to groups, those users have not been added to the organization, they have not been assigned roles, or both. See Add, Edit, and Delete Local User Accounts.
Use AtScale's local directory service for testing only. Do not use it in production environments. This directory service is not meant to support the types of workloads that are common to production environments. Before using AtScale in production, configure your AtScale organization to use an external directory service, such as Microsoft Active Directory, another LDAP service, or Google G Suite Directory.
Procedure
-
Select Security, click Groups.
-
Create an empty group.
-
Click Create Group.
-
Name the group and once again click Create Group.
- If you want to populate the new group with users who are managed in an external directory service, see the steps in the prerequisites in Granting Runtime Permission on Cubes to Groups of Externally Authenticated Users.
- If you want to populate the new group with locally-authenticated users, continue to the next step.
-
-
To add locally-authenticated users to a group:
- Click the name of the group or click Edit next to the group's name.
- Move users from the Available Users section to the Selected Users section.
If you do not see a username in the Available Users section that you expected to see, either the account with that username is not yet added to the organization, the account has not yet been assigned a role, or both.
- Click Save when you are done.
You can now grant permissions on cubes for groups of local Users.