Users

< Previous section  |  Table of Contents  |  Index  |  Next section >

In order for users to access a MainBoss maintenance organization, their login names must be recorded in the MainBoss database. When a maintenance organization is first created, the only user who can access the organization is the person who originally created the database.

Important: In order for someone to be able to use MainBoss from several different computers, that person must have the same login name and password on each of the computers. (This is automatically true if you use domains.)

Scopes: In the procedure described below, you record the login names of people authorized to use MainBoss. During this process, you'll be given the opportunity to specify a scope for that person's login name.

The names in MainBoss's Users list must be individual login names; they can't be groups. In MainBoss, login names are associated with records in order to create an audit trail. This is why MainBoss itself doesn't accept group authorizations—an audit should record exactly who made a particular change, which means tracking the individual login name, not just a group name.

Security Roles: When you create a new user record, it has no associated security roles. This means that new users have no permission to do anything in MainBoss, unless you specifically assign them roles. You must therefore assign each user at least one security role if you expect the person to use MainBoss in any way. For more on security roles, see Security Roles.

Note: The person who creates a MainBoss database is automatically given a set of security roles which grant full access to all MainBoss operations.

SQL Server Authorization: In order for someone to use MainBoss, the person's login name must be registered in both the MainBoss database and with SQL Server. Only someone with SQL Server Administration privileges can register new users with SQL Server.

In order to deal with these two scenarios, MainBoss has an option set in Administration | Users. Go to the Defaults for Users section.

(As an alternative two-stage approach, you could create a Windows group named mainboss in the domain. A SQL Server Administrator could then set up SQL Server permissions so that anyone in the group could access the MainBoss database. Then, whenever someone new needs to be authorized to use MainBoss, a Windows administrator simply adds the new person to the group. Some IT departments may prefer the "group" approach over authorizing each individual within SQL Server.)

See Also:

< Previous section  |  Table of Contents  |  Index  |  Next section >