DataSight application accounts may be either a user or a group. A DataSight account is created for each user in DataSight and then users can be assigned to different groups. Both users and groups can have a distinct set of application permissions.

All users should ideally be allocated to groups.

Permission priorities according to Accounts

The following priority rules apply:

• Deny anywhere for any user or group overrides all other granted permissions or permissions that have not been set.
• If a user is neither granted nor denied permission then the default setting for that permission is denied until set.
• If a user is granted permission to use a module or feature in DataSight, then they are granted that permission everywhere whether a permission for the group that the user belongs to has not been granted.
• Users will retain the last group privileges that they have been allocated even if the group has been deleted.

Admin Security Group

DataSight has one built-in security group called Admin. When a user is assigned to this group, they will have full administrative rights to manage accounts and their permissions, as the Admin group is granted full permission by default.

It is likely that at least one DataSight user will be the same as the IT systems administrator, and as such will have full privileges for the Microsoft SQL Server instance. When a database is created by an administrator, that user is automatically assigned to the Admin group. However, using application security other users can be created that are granted full application security within DataSight without having full access to the suite of functions for the MS SQL Server.

The IT Systems Administrator should never release the Admin group user name and password as the Admin user Name and Password are identical for Microsoft SQL Server. All other users should be provided separate passwords.

See also:

• Permissions
• DataSight Administrator
• View Security History

Set Accounts

Add a new User

Windows Authenticated

1. Check that the user to be added exists on Active Directory. See your IT Administrator for details.
2. Launch DataSight and connect to database.
3. Click Application Tab.
4. Click Security. The Security window will open.
5. Click the Users radio button.
6. Click Add. The Create User window will open.
7. Select Windows Authentication.
8. Enter the appropriate user name.
9. Click OK.
10. Click Save.

SQL Server Authenticated

1. Check that you have sufficient rights on the server. See your IT Administrator for details.
2. Launch DataSight and connect to database.
3. Click Application Tab.
4. Click Security. The Security window will open.
5. Click the Users radio button.
6. Click Add. The Create User window will open.
7. Enter a new user name and select SQL Server Authentication.
8. Enter a user name and password.
9. Click OK.
10. Click Save.

Add a new Group

1. Launch DataSight and connect to database.
2. Click Application Tab.
3. Click Security. The Security window will open.
4. Click the Groups radio button.
5. Add a new group. The Create Group window will open.
6. Enter the new Group Name and click Save.

Assign a User to a Group

1. Launch DataSight and connect to a database.
2. Click Application Tab.
3. Click Security. The Security window will open.
4. Select the Users radio button.
5. Select your user from the list of users.
6. Click the check-box next to the group or groups to which this user will become a member.
7. Click Apply.
8. Click Save.

Delete a User or Group

1. Launch DataSight and connect to a database.
2. Click Application Tab.
3. Click Security. The Security window will open.
4. Click the Users or Groups radio button.
5. Select the User or Group and click Delete.
6. You will be asked to confirm the delete. Click Yes.
7. Click Save.

See also:

• Modes of User Authentication
• Permissions
• View Security History