Introduction

The following section describes the components of user management.

Licensing

Until a license key is applied to your system, only the System Administrator (SA) user can log in. When a license key has been applied, analysts can log in to all applications (if they have the appropriate privileges), and all other user types can log in to Ivanti Self Service.

Analysts need a license before they can log in. All other user types can log in without using a license.

There are two license types available:

  • Fixed – analysts with a fixed license are guaranteed a license, because the license is associated with their user account
  • Concurrent – analysts who do not have a fixed license log in using a pool of concurrent licenses, and can therefore log in only if there is an unused concurrent license available

For information about applying a license key, see the Setup Guide.

For information about allocating licenses to users, see Managing the user license allocation.

User types

There are different types of user account. Analysts are the only type of user that can log in to the Ivanti Console and Web Desk. However, you may want other users to have some access to the information in your system. For this reason, there are other types of user account that can log in to Ivanti Self Service and Ivanti Workspaces. The different types of user account are:

  • Account Manager – Internal users with relationships to customers and their contacts.
  • Analyst – Internal users involved in progressing a process, for example, a Change.
  • Contact – External users belonging to either a customer or supplier.
  • End-user – Internal users, who receive support.
  • System – For application services such as Mail Manager. System User accounts cannot be used to log in to a Service Desk or Asset Manager application, but enable you to identify when an action was performed by a particular service.

For information about creating users, see Users.

Group types

You can create groups to arrange the users according to job function, expertise, location, and so on. Users don’t have to be a member of a group at all, but it is good practice to make them a member of one or more groups. You can use group membership to control the publishing of shortcut groups and dashboards, the partitioning of data, which window designs appear for the user, and other such features.

For example, you can create different groups for processing incidents and requests, and also create dashboards that are appropriate to help each of these groups with their different responsibilities. You can then publish the dashboards to the appropriate groups and so make the appropriate dashboards available to the required users only.

There are four group types: Support Group – which is an internal group, and Company, Customer and Supplier – which are all external groups.

For information about creating groups, see Groups.

Roles

You assign roles to users to specify the privileges that the associated users have.

For example, you can configure your system so that users with the Analyst role can log and resolve incidents, but only users with the Supervisor role can close incidents.

You can place users in groups without assigning them a particular role, and you can assign roles to users who do not belong to a specific group. However, we recommend that you assign roles to users to control their privileges and use groups to control which shortcuts, dashboards, windows, and so on appear to users.

For information about roles, see Roles.

Privileges

Although you can assign privileges to both groups and roles, we recommend that you assign privileges to roles only. This makes managing your privileges more straightforward. We recommend that you assign privileges to groups only to fulfill group-specific requirements, for example if a privilege is required by a group associated with a specific location.

Privileges enable you to control a role or group’s access to different sections of the system and the functions they can perform within each section. Users are given privileges only when they are added to a role or group.

For information about privileges, see Privileges.

User structures

You can create organisation structure diagrams and add users to groups, roles to users, and link users and groups together to represent your organisation’s structure.

For information about creating user structures, see User structures.