To access Doka SAAS, you need a user profile, and to create the new users you need to have admin User authority.
The following transactions can be started from on launching Transaction ID "DBISUR" here by clicking the icons in the below for adding a New User Profile.
Adding a User Profile
DOKA SAAS has the following category to Set Up New User.
- User Profile-A user profile is a structured representation of an individual user's characteristics and task preferences with respect to the organizational reporting structure where you'll assign them their features and settings, such as their permissions and timesheet templates.
- User Authorization- authorization is the process of verifying what they have access to.
- User Working-To define their working hours. This is used for SLA calculations and reporting.
- Assigned Entity Access-In a multi-entity system, users need to be granted access to each entity individually. They can even have different authorities in each one.
- Obscure Password-
The 'Reset' option should only be used in special situations, since the system administrator knows the current password of respective user. Using the option 'New Password' is in most cases the best option since only the password for the first login is entered by the system administrator and the respective user must change his/her password on the first login.
Preventing a User from Logging in
There are two ways to prevent a user from logging in to the system:
1. The user is blocked
Within the TradeDesign Login System a Blocked Flag is set, so that a future login is not possible when using the TradeDesign Login System. This function is enabled via the “Status” combobox and the 'Blocked' option.
This function is used to lock a user temporarily e.g. in case a password has been found out.
2. The Login Profile is disabled
The entry for this user ID within the TradeDesign Login System is deleted. In doing so, all information about the last used passwords, last login etc. are removed and a new login is also not possible anymore. The profile cannot be enabled easily, but the user has to be set up again in the TradeDesign Login System by enabling the login profile.
This function is used to refuse a user's login permanently without removing him/her technically from the system, so that his/her name and other data will not be lost. As a result, a user ID can still be used. This function should be used if a user has left a department, for example, and thus may not have any access to the system. Via the function “Replacement of Responsible User", those contracts in which this user was entered as a responsible person can be transferred to another user.
The other data of the user profile will not be changed by the actions mentioned above.
3. Login is blocked for all users
To avoid the possibility of this User ID being used for foreground processing, the ID should not be stored in user static data. The configuration of this User ID is described in the “Background Processing of Transactions” section in the developer documentation.
Users in Multi-Entity Systems
When adding users to a multi-entity system, the login status is only set to 'New Password' when the user is first defined. Please ensure that the name of user groups is unique throughout the system.
The processing of the data elements is only possible in the default entity of the user. When processing user entries in the other entities, these data elements are only displayed and cannot be modified.
Assigned Entity Access
The Assigned Entity panel displays the list of entities the user is assigned to and the user's home entity. It also specifies if the user has access granted to those entities or not, with reason for the same.
If a user is marked as designer, he is able to change sources in the development tool TRADE2. He also gets some additional debug information in case of problems. If a dump occured designer have the chance to continue processing after the dump file was created.
In addition, he has some special rights in the installation. Designer are allowed to
start transactions directly with 'launch transaction'
edit codetable entries
edit report definitions
edit document rules
convert character set of a file during copy in SYSIXU, if user is also system administrator
create manual dumps, see the field inspector and save screen images from context menu
If a user is marked as system administrator, he has some additional rights compared to a standard user. In addition, he is launched to system administration (SYSADM) in case there is a technical problem during his login. If a dump occurred system administrators have the chance to continue processing after the dump file was created. He also gets some additional debug information in case of problems.
System administrators are allowed to
edit codetable entries
run BIC update for more than the configured number of entries at once
create and edit user
edit TradeDesign configuration via DBITDR
handle transactions from all entities in DBWTRN
delete all types of pending entries
edit print configuration in rerouting of incoming messages
cleanup message archives with SYSCLN
convert character set of a file during copy in SYSIXU, if user is also designer
shut down the whole system from SYSMGR
edit incoming SMC entries in SMCTSK and update their status manually
If a user is tagged with this flag he is allowed to change XML literals with the document editor module within business transactions. Full document editor functionality including change of rule text is only available for Designers.
If a user is allowed to change user data he can only handle other SaaS users if he is tagged as SaaS user. A user with empty SaaS user flag can edit all users including the SaaS user.
On creating New User in the Saas Environment, SaaS User flag is be kept enabled as shown below.