000039402 - What is the minimum requirement to manage access control in Archer

Document created by RSA Customer Support Employee on Oct 21, 2020
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000039402
Applies ToProduct Set: Archer 
Product/Service Type: Archer (On-Premise)/ Archer (SaaS/Hosted)
Version/Condition: 6.x
Platform: Windows Server 2012 R2/ Windows Server 2016/ Windows Server 2019
IssueThe purpose of this article is to explain how to add a username to manage access control in Archer without giving the username the "System Administrator" access. 

Situations, where you may need to manage users/groups, include: 
  1. Create/delete/edit local Archer usernames
  2. Resetting the password for local Archer usernames
  3. Add/delete/edit role
  4. Add/delete/editing local groups
  5. Add/remove Security group
  6. Add/delete/edit LDAP Configuration
  7. Run Access Control Reports (it includes a summary of the access control rights, report lists all failed login attempts…etc.)
  8. View Application Builder Reports.


 
ResolutionArcher comes with a role called "Access Control Administrator", and this is an out of box role can be used to manage access control. To accomplish this task
  1. Login to Archer user interface > Administration > Access Control > Users

User-added image

 

  1. Then go to Username > Roles tab > click Lockup >  under find type in "Access Control Administrator" > select the "Access Control Administrator" > ok

User-added image

User-added image
 


  1. Then click > Save.

User-added image
 


  1. Verification. Login to Archer user interface and ensure that the username is only able to manage access control. 

User-added image

Attachments

    Outcomes