Summary

A quick tutorial on configuring access rights for Tachyon. Using a scenario where access to Tachyon will be managed through Active Directory groups, the tutorial illustrates the general setup required and the particular steps needed to add the necessary Tachyon users.



In this tutorial we demonstrate a process for creating Active Directory (AD) managed permissions to the Tachyon portal. We use specifically created AD groups for each of the Tachyon system roles and create Tachyon users for each one, we then define a custom role for a specific Instruction Set and create a Tachyon user with an existing AD group that provides access to running actions in the Instruction Set.


Example AD groups for the Tachyon system roles

As mentioned in Requirements: Active Directory requirements, we recommend that the AD security groups used for defining access to the Tachyon portal features are defined as Universal groups. The picture opposite shows an example TCNConsumerAdmins AD security group intended for the Consumer Administrators role.








In this tutorial we will create a Tachyon AD group user for each of the possible roles given in the following table:

Creating the required Tachyon users/groups

The general steps for creating a new user or group are as follows:

The animation at the top of the page shows the process outlined above and described as follows:

  • On the Settings→Permissions→Users page, after clicking the Add button, the Add user popup is displayed.
  • In the Select user edit field we type TCNP, the first few characters of some of the AD groups we created earlier.
  • We then select the TCNPermsAdmins group from the list.
  • Once the necessary user or group has been selected click Add to create the new group user.
  • We then click the new ACME\TCNPermsAdmins name link to display the details for that user.
  • Clicking on Edit displays the Edit roles assigned to user popup.

  • We scroll down, select the Permissions Administrators role and then click Save to set the new role for the user.

  • After the new user or group has just been added Tachyon will display notifications for a short while showing the actions that have just been successfully performed.


In the tutorial we then repeat the process of finding AD groups, adding Tachyon roles and saving for each of the Tachyon system roles. The purpose of this is that subsequently, specific AD user access to Tachyon can be managed through AD via membership of the selected AD groups and avoiding the necessity of managing the users through Tachyon.

The result of adding the groups can be seen in the picture opposite.