Users
A user is an Informatica Cloud user account that allows secure access to an organization. A user can perform tasks in the organization based on the role and user group assigned to the user. Object-level permissions can also affect the tasks a user can perform.
The Users page displays a list of all Informatica Cloud users in the organization.
You can perform the following tasks for a user:
- •Create a user.
- •Edit a user.
- •View user details.
- •Delete a user.
User Properties
The organization administrator can configure users for the organization.
When you configure a user, you configure the following information:
- User properties
- Properties such as the user name, password, and maximum login retry attempts.
- User details
- Information about the user, such as the name, job title, and phone number of the user.
- User security
- Security options, such as the role, user group, and ability to preview data.
The role for a user defines the general tasks that the user can perform in the organization. The user group for a user defines the objects the user can work with and the specific tasks that the user can perform. However, if a user is assigned to a role with limited privileges, the user group cannot override these limitations. For example, a user in the Service Consumer role is assigned to a user group that has run permissions on tasks. Because the Service Consumer role limits the user's access to the activity monitor, the user cannot monitor jobs.
Configure the following user properties for each user:
User Property | Description |
|---|
User Name | Informatica Cloud user name that identifies the user within the organization. Used to log in to Informatica Cloud. The user name must be a valid email address and unique within Informatica Cloud. For example, john@abc.com. User names can contain alphanumeric characters and the following special characters: _ . + - You cannot modify a user name. |
Salesforce User Name | Salesforce user name. |
Confirm Salesforce User Name | Confirmation of Salesforce user name. |
Password | Password for the user account. The password cannot be the same as the user name. |
Confirm Password | Confirmation of the password. |
Maximum Login Attempts | Maximum number of login attempts the user can make before the user is locked out. If locked out, the user must contact Informatica Global Customer Support to reset the account. |
Change Password on Login | Determines if the user must reset the password after the user logs in. Select this option to require a user to create a new password after the user logs in. |
Ignore License Expiration Messages | Allows you to stop the display of license expiration messages: - - False. Shows all license expiration messages.
- - True. Does not display license expiration messages.
|
Configure the following user details for each user:
User Detail | Description |
|---|
First Name | First name of the user. |
Last Name | Last name of the user. |
Job Title | Job title of the user. |
Phone Number | 10-digit telephone number of the user. For example, (123) 456-7890, 123-456-7890, or 123.456.7890. |
Emails | Email addresses that receive notification from Informatica Cloud. Enter one or more valid email addresses. Use commas to separate multiple email addresses. Email addresses can contain alphanumeric characters and the following special characters: _ . + - |
Time Zone | Time zone where the user is located. When the user logs in, all times reflect the time zone of the user. For example, schedules display the local time in the user time zone. Default time zone is Pacific Daylight Time, Los Angeles. |
Description | Description of the user. Maximum length is 255 characters. |
Configure the following security options for each user:
User Security Option | Description |
|---|
User Roles | Informatica Cloud role for the user. Note: Best practice is to assign one role to a user. |
User Groups | User group for the user. A user group can help define or limit the tasks that a user can perform. The organization administrator configures user groups. If no user groups are listed, no user groups are defined for the organization. Note: When you implement user groups, best practice is to assign every user to a user group. |
Allow Data Preview | Allows the user to preview data when configuring a Data Synchronization task. By default, this option is enabled. For maximum data security, clear this option. |
Configuring a User
1. To create a user, click Administer > Users, and then click New.
To edit a user, click Administer > Users, click the user name in the list of users, and then click Edit.
2. On the New User page or Edit User page, configure the user properties.
3. Configure the user details and security options, and then click OK.
Viewing User Details
You can view details about a user, such as the name, role, and contact information.
Click Administer >
Users, and then click the user name.User details appear on the View User page.
To edit the user, click Edit.
Deleting a User
Delete a user if the user no longer needs to access Informatica Cloud.
1. Click Administer > Users.
2. On the Users page, click the Delete icon next to the user name.
User Configuration Examples
The following examples illustrate ways in which you can configure user groups, permissions, and users to control access to Informatica Cloud according to your business needs.
- You want your development team to create tasks and task flows. To do this, the development team needs to view sample data in development, but you want to restrict access to production data. You also have a reporting team that needs to run tasks, but does not have the technical knowledge to configure tasks safely.
- For these two teams, create two separate user groups. For the development team, create a Developer user group and control the user group as follows:
- 1. Configure the Developer group with full permissions for tasks and related objects, but only read permission for connections.
- 2. Assign the Designer role and the Developer group to the users in your development team. When configuring users, select Allow Data Preview to help with task development.
- 3. If possible, create development connections to sample data. If you have both development and production connections, configure production connections so the Developer group does not have read permission. This prevents the Developer group from using production connections in tasks.
- 4. After testing is complete and tasks are ready to move into production, have an organization administrator or other qualified user configure the tasks to use production connections.
- 5. Edit the Developer user group to remove the permission to run tasks. If development is complete for a task type, you can also remove permission to read or update the task type and related objects as well. By removing the read permission, you prevent the Developer group from accessing any information about production tasks.
For the reporting team, create a Reporting user group, and control the group as follows:
- 1. Configure the Reporting group with permission to read and run tasks and task flows, and permission to read, create, and update schedules. Do not allow the group to edit or delete objects in the organization, or to change permissions for objects in the organization.
- 2. Assign the Designer role and the Reporting group to the users in your reporting team.
- You want a site operator who can assign roles and user groups and configure access control, but cannot create, edit, or run tasks.
- 1. Assign the Admin role to the site operator user. With the Admin role, the site operator can configure users and user groups and manage the organization. To limit access to tasks, connections, and schedules, assign the site operator to a restrictive Site Operator user group.
- 2. Configure the Site Operator user group as follows:
- ▪ Assign permissions to read objects and to configure permissions for all object types. If the Site Operator group needs to download and install the Secure Agent, also grant the group create permission for Secure Agents.
- ▪ Restrict all other permissions. By revoking the create, update, delete, or run permissions on objects, you limit the Site Operator group to performing administrative tasks.