Managing the Users of an Altium Vault

Old Content - see latest equivalent
Modified by Jason Howie on May 31, 2017
Contents

User Management for an Altium Vault is performed from the Users area of the vault's browser-based interface, accessed from an external browser, or through Altium Designer's Home page. This provides the interface to the Identity Service (IDS), with which to define vault (and other service) access, through specification of users, roles and associated license assignment. The latter specifies the type of connection to the vault and therefore the features and technologies that a user may be permitted to access and use.

User management is performed through the Users area of the Altium Vault's browser interface.

Controls are spread over the following sub-pages:

  • Users - use this page to create and manage a list of users; people who are to have access to the vault and/or the associated technologies installed with it.
  • Roles - use this page to create and manage a list of roles; roles allow you to further organize your users according to, for example, the particular section of the organization in which they are involved, or the design team they are in. Roles also make the sharing of vault content, and the configuration of other vault-served technologies, more streamlined.
  • Licensing - use this page to determine how users of the vault are to be licensed. By default, all users are set to automatically take a seat of the highest Client Access License available to them from a floating pool of licenses. Alternatively, assign a user a seat of a specific type of Client Access License - effecting a 'named license' as it were. Doing so will remove a seat of that license type from the floating pool of licenses. In this way, the user is always guaranteed access to the vault, and always at that feature level
  • Sessions - use this page to quickly assess which of your users are currently signed into the Altium Vault. Provision is made for an administrator to terminate a user's access to the vault by effectively 'killing' their active session, thereby freeing connections to the vault for use by others.

This document takes a closer look at the management of Users, Roles and Sessions. For license management (or rather connection assignment), see Altium Vault Licensing - Client Access Management.

Only an administrative user has full access to management controls. While a non-administrative user can browse Users and Roles, they cannot access Licensing or Sessions. And while management of users by a non-administrative user is not generally possible, they are able to change the profile of their own user - including changing username and password.

Users

Management of users for access to the Altium Vault and related services is performed from the Users page, by an administrator of that vault. A user is simply a person who it is intended will need access to the vault.

A single, administrative user is provided, admin. This user, and any additional user, is bestowed aministrative powers by membership to the role Administrators.

Create a 'database' of people who are to have access to the Altium Vault, from the Users page of the browser interface.

All defined users are presented in a flat listing. Users will be listed across multiple pages where necessary, with page browsing controls located at the bottom-left of the page. You can determine how many users are presented on each page using the Page size control, at the bottom-right of the page. Choose from 10, 20 or 50 users per page.

Within the main listing, each user is displayed in terms of the following information:

  • Type – represented by an icon as being either an administrator for the vault (), or a standard user/non-administrator ().
  • User Name - the defined username for the user, used as part of their credentials for accessing the vault.
  • First Name - the user's first name.
  • Last Name - the user's last name.
  • Email - the user's email address.
  • Phone - an optional contact phone number for the user, where specified.
  • Domain - if Built in authentication is used, this entry will be blank. If Windows authentication is used, this entry will reflect the Windows Domain specified for the user.
  • Online - reflecting the active state of the user, in relation to whether they are currently signed into the Altium Vault (Online, ) or not (Offline, ). This column is only displayed for an administrative user.

The Edit () and Remove () controls associated with a user enable you to edit the details for that user, or to remove them (preventing access to the vault) respectively.

Users can be sorted by various fields, using the column header in each case. Click once to sort in ascending order, click again to sort in descending order. Ctrl+click to remove sorting.
Any number of users may be registered to access and use the vault, but only a licensed number will be allowed to connect to it simultaneously. This number is determined by the seats of the purchased Client Access Licensing.
When migrating data to an Altium Vault from a legacy Satellite Vault, a user with the supplied AltiumLive credentials will be added to the list of users having access to that vault. Similarly, if there are any Items in the source Satellite Vault created by other people, then additional users will be created accordingly, based on their separate AltiumLive login credentials. These users will initially be non-administrative.

Adding a New User

To add a new user for vault access, simply click on the Add User button, located at the top-right of the page. Controls will appear with which to specify the contact details, login credentials, and additional role membership for that user.

When you click to add a new user, you will be presented with controls with which to specify that user and their role membership.

Specify details for the user. The following are required fields (marked with a red asterisk):

  • First Name
  • Last Name
  • User Name
  • Password
  • Email

The User Name and Password become that user's login credentials for access to the vault.

You will be prevented from trying to add another user with the same User Name as an existing user.

Specify also which of the existing roles the user is to be made a member of, if required. Start typing the name of a role in the New Roles field to pop-up a list of matching roles. Select the required role from the this list. If the user is required to have administrative powers, select the Administrators role.

Add the user to currently defined roles, as required.

Multiple roles can be chosen for assignment. Assigned roles will only appear in the User Roles region once the user has been saved (created). To remove a role prior to final assignment, simply click the delete cross, to the far right of its name.

Once all details are filled out and specified as required, click the Save button – the new user will be created and added to the list of users with access to the Altium Vault.

Authentication

The Altium Vault supports two modes of user authentication when accessing the vault:

  • Built in – this is provided courtesy of the vault's own Identity Service (IDS). The user accesses the vault by entering the credentials initially supplied to them by an administrator for the vault.
  • Windows – using Windows Domain Authentication. The user accesses the vault by entering their Windows login credentials.

Setting the required mode of authentication is performed when initially adding a user to the vault, through the browser-based interface, but can be switched at any stage thereafter.

Windows authentication is only available for an Altium Vault installed on a PC that is part of a domain.

Mode is specified using the Authentication field. By default, Built in mode is used. To use Windows Domain Authentication, click on this field and choose Windows from the drop-down.

Switch user access control to use Windows Domain Authentication.

The sub-fields change from User Name and Password, to User Name and Domain respectively. The Domain field is pre-filled with the name of the domain of which the PC is currently part. Enter the User Name to be exactly the same as the User Name for that user's Windows login.

When using Windows authentication, the Domain is filled ready. You just need to enter the User Name portion of the user's Windows login credentials.

Under Windows Domain authentication, users need to be managed externally as part of the organization's Windows network administration. Username and Password maintenance (and issues) are handled by your Windows Network Administrator. If a user's Windows Domain Username changes, this should be updated for that user on the vault-side too, otherwise access to the vault will not be possible.

Password

The access credentials for a new user need to be defined initially by an administrative user, since a non-administrative user cannot add new users (and therefore themselves). However, once added, a non-administrative user can access and change their own details - including User Name and Password - at any stage. This allows non-admins to securely register their own access credentials, without sharing their password with anyone else, including an administrative user.

Of course, if a non-administrative user forgets their password, they will not be able to sign in theough the browser interface to access and change it! In this case, they will need to notify an Admin to effectively 'reset' their password for them. This simply involves the administrator:

  • Accessing the details for the user and entering a new password in the Password field.
  • Clicking Save to effect the change.
  • Communicating the new password back to that user.

The non-administrative user can then access their user and switch out this new, temporary password, with another one of their own creation.

Editing an Existing User

Clicking on an individual user's User Name in the list, or using the associated Edit control (), accesses their full user details. Make any changes to the contact details for that user, their login credentials (User Name, Password) and role assignment as required.

A non-administrative user can only make changes to their own user.

Access and make changes to a user as required.

To remove the user from a particular role in which they are currently a member, simply uncheck the associated Member option for that role. The role will be removed from the list upon saving the changes.

When all modifications have been made as required, simply click the Save button to effect those changes.

Removing a User

To remove a user, simply use the associated Remove control (). A dialog will appear asking for confirmation to proceed with the deletion. Click OK to proceed, after which the user will be removed from the vault's user database. They will no longer have access to the vault.

The remove operation cannot be undone. If you remove a user by mistake, you will need to add that user back, in the same way that you would add any new user.

Roles

Management of roles for the Altium Vault is performed from the Roles page, by an administrator of that vault. Roles allow you to further organize your users according to, for example, the particular section of the organization in which they are involved, or the design team they are in. Roles also make the sharing of vault content, and the configuration of other vault-served technologies, more streamlined.

A single role – Administrators – is defined by default for an Altium Vault. This role gives administrative privileges to its members. Anyone who is a member of this role has complete access to the vault, and all associated technologies and services through the browser interface.
The same user can be a member of any number of defined Roles.

Create specific roles (or 'memberships') of users.

All defined roles are presented in a flat listing. Roles will be listed across multiple pages where necessary, with page browsing controls located at the bottom-left of the page. You can determine how many roles are presented on each page using the Page size control, at the bottom-right of the page. Choose from 10, 20 or 50 roles per page.

Within the main listing, each role is displayed in terms of the following information:

  • Role Name.
  • Members – how many defined users are part of this role.

The Edit () and Remove () controls associated with a role enable you to edit the details for that role, or to remove it, respectively.

Roles can be sorted by specific data using the column header. Click once to sort in ascending order, click again to sort in descending order. Ctrl+click to remove sorting.

Adding a New Role

To add a new role, simply click on the Add Role button, located at the top-right of the page. Controls will appear with which to define the role, in terms of its name and members.

When you click to add a new role, you will be presented with controls with which to specify that role and its members.

Use the Role Name field to enter a meaningful name for the new role. For example this may be a name that is reflective of the task performed by its members. This is a required field, as denoted by the red asterisk.

You will be prevented from trying to create two roles with the same name.

The Members region is where you define the members of the role – its constituent users. This can be done as part of creating the role, or by editing the role afterward, as required. To add a user as a member of the role, simply click inside the New Members field and start typing the full name, username, or email address for that user. As you type, a drop-down list will automatically and dynamically populate with matching results, based on existing users that have access to the vault – click the required user.

Dynamic search filtering enables you to quickly obtain the user required as you type.

Multiple users can be chosen for addition to the role. Assigned users will only appear in the Members region once the role has been saved (created). To remove a user prior to final assignment, simply click the delete cross, to the far right of their name.

With name and members defined as required, click Save to effect creation of the role. The role will now be available in the list of roles for use in applicable areas elsewhere in the vault's browser interface. For example when adding/editing a user, or sharing permissions for vault folder/internal Design Repository/managed project access.

Editing an Existing Role

Clicking on an individual role's Role Name in the list, or using the associated Edit control (), accesses its full details. Make any changes to the role's name and/or user membership as required.

Access and make changes to a role as required.

To remove a user from the role, simply uncheck the associated Member option for that user. They will be removed from the list upon saving the changes.
When all modifications have been made as required, simply click the Save button to effect those changes.
 
The system role Administrators cannot have its name changed. You can, however, manage members for this role, as with any other user-created role.

Removing a Role

To remove a role, simply use the associated Remove control (). A dialog will appear asking for confirmation to proceed with the deletion. Click OK to proceed, after which the role will be removed.

The remove operation cannot be undone. If you remove a role by mistake, you will need to add that role back, in the same way that you would create any new role. Note also that as a system role, the Administrators role cannot be removed.

Sessions

An administrator for the Altium Vault has the power to logout any user that is currently signed into the vault (apart from themselves of course!). This enables licensed vault connections to be 'freed up' as it were, for assignment to other users, should the route of purchasing additional licensed connections not be viable. This is performed from the Sessions page of the browser interface.

View users that are actively using the Altium Vault, and 'kill' sessions as required.

All users that are currently signed into the Altium Vault - either through an instance of Altium Designer, or through the vault's browser-based interface - are listed, in terms of their User Name (with full name in brackets). The act of being signed into the vault creates an 'active session'. To effectively kill a user's session - logging them out of the Altium Vault - simply use the associated Kill Session control (). A dialog will appear asking for confirmation to kill the session. Click OK to proceed, after which the user will be logged out from the vault.

On the Users page of the interface, the user's status will change from being Online () to being Offline ().

An administrator for the vault logs out another user that is currently accessing the vault.

 

You are reporting an issue with the following selected text and/or image within the active document: