000035878 - How to Update/Import the Record Permission Field using the RSA Archer File Transporter Data Feed

Document created by RSA Customer Support Employee on Apr 30, 2018Last modified by RSA Customer Support Employee on Apr 4, 2019
Version 17Show Document
  • View in full screen mode

Article Content

Article Number000035878
Applies ToRSA Product Set: Archer
RSA Product/Service Type: RSA Archer
IssueHow to update or import Users into the Record Permission Field.
TasksThe Purpose of this Article is to explain how to update or import Users into the Record Permission Field using the File Transporter Data Feed. This Article covers importing both the LDAP users and as well as Non-LDAP users (local Archer users).
ResolutionStep 1: Identify the Key Field Definition for the File Transporter Data Feed

In the Archer File Transporter Data Feed, it is best to have one field referenced as the Key Field Definition as referencing multiple fields can impact Application performance (one Key Field Definition per application is recommended for fast Data Feeds).

We want to make certain that there is at least one piece of unique data for each record can be leveraged for uniqueness. 
Examples:  TrackID, e-mail address or employee ID which may look like 12345, "james.tucker@archer.local" or "Archer\Jamest"

Step 2: Configuring the format for the Username in the CSV file. 

LDAP users in Archer should have this format Domain\UserName and non-LDAP users will not include a domain.  Using the correct format ensures your Data Feed is populated the Record Permission field(s) correctly. In the CSV file, you can have the following formats for the Record Permission field:
  • LDAP users
    1. DOMAIN\\Username: The \ character is the escape character used in Data Feeds. The Username can be founded by going to Access Control > Users > Manage Users > Domain \Username
    2. Username: The Username can be founded by going to Access Control > Users > Manage Users > Domain \Username
    3. UserID: The UserID can be founded going to
  • Login to Archer User Interface (UI).
  • Browse to administration>Access Control>Access Control Reports 3. Select "Export Account Data" .
  • This will email the current user a link to download a series of CSV files containing user account information (Make sure to have an email address in the account you logged in to Archer UI).

Export Account Data

  • From this export, Open the Users.csv in Excel and we will see the UserID column.

User-added image

  • Create a CSV file as following (this for LDAP username) and my CSV file has the following formats

User-added image


  • Non LDAP users
             For Non-LDAP users, you MUST use the UserID.
Step 3) Configuring the File Transporter Data Feed

  • Create an application in Archer with a record permission field.

User-added image

  • Create some records in the application and Note down the Tracing ID.
User-added image
  • Create a File Transporter Data Feed.
User-added image
  • Configure the File Transporter Data Feed in the Transport tab to point to the location of the CSV file and run the Data Feed.
User-added image
  • Load the Field in the Source Definition tab.
User-added image
  • Map the Record Permission Field in the Data Map tab,  since we are updating the Record permission you will need to change the “Field Population” to “Replace Data to list-based fields”.
User-added image
  • Then configure the Key Field Definition and Update/Archive option, configure the Update option to "Update".

 User-added image
  • Run the Datafeed
User-added image

Notes- Each Username must be unique. While you can have two users with the same FirstName and LastName they can't have the same Username.

- If you use the Username without Domain Name (method 2 from above), you must tick the "Default LDAP Configuration" in Archer under Access Control > LDAP Configuration > General tab otherwise you will receive the following error for every line in CSV during run the Data Feed: "The value in field 'Column01' cannot be converted, the item will be dropped". You refer to KB 000035879.
User-added image
User-added image

- Imported users need to have sufficient permission to the application.