Create user accounts

There are two ways to create user accounts in the Polarion system:

  1. An administrator creates accounts directly in Polarion.

  2. Accounts are automatically created when new users try to log on.

This topic covers both options. These assume that the password file is the desired user authentication method. It is also possible to have user accounts authenticated by an LDAP/Active Directory server, and to auto-create Polarion ALMaccounts from LDAP data. For information on LDAP interfacing, see Integrating Polarion Server with LDAP/Active Directory.

Keep in mind the following scenarios when deciding on your approach to user account creation:

  1. You have users on the LDAP server and want to synchronize them with Polarion.

    Use the LDAP Synchronization feature. When the users are synchronized, they cannot log on to Polarion until the administrator assigns them the role user.

  2. Users already exist on the LDAP server and you have turned on and set up role assignments for new users.

    When a new user logs in for the first time, a new user account is created, and the default role(s) are assigned.

  3. You have enabled the Create Account form in the system configuration.

    Users can create their own user account before logging on for the first time. All user credentials are written to the passwd file. The role(s) are assigned according to the properties in the system configuration for auto-creation of users.

Create a new user account manually in Polarion

You need the following information at hand in order to create a new user account manually in the portal:

  • The new user's name — Jean Schmidt, for example.

  • The new user's e-mail address. Although not required to create a new account, if it is not specified the user cannot receive any notifications.

  1. Log on with administrator permissions (global or project scope).

  2. Enter the Administration interface.

  3. If you want to create a new user for a specific project, open that project. Otherwise, select Repository in the Open Project or Project Group dialog box.

  4. In the Navigation panel, select User Management : Users.

  5. In the Users table, click the Create New User button. A form for entering new user account information appears.

  6. Enter information in the required fields (marked with a red asterisk) and any other information you want to specify at this time.

  7. Click the Create button to create the new user account.

Warning:

The Login Name field must be a unique value in the repository, and should not contain spaces. Acceptable characters include upper and lower case letters, numbers, dash, underscore, period, and the @ sign. This field is case-sensitive for the end user.

New users must be assigned at least one Global role in the Global Roles section. Otherwise, they are not be able to access any content in the portal.

Also note that log on permission is only granted to users assigned a role of user. By default, a new user is assigned the role everyone. If you do not also assign a role of user, either at the repository level, or in at least one project, the new user account is disabled, and the string [disabled] appears in red text in the user's account page when the new user account is saved. (This applies to normal users. Administrator users do not need explicit permissions assigned, as the administrator role grants them all permissions in the scope.)

Specifying a License for User Accounts:

If multiple licenses are present on your Polarion server, the License Type field appears on the user account form. The field provides a drop-down list of the licenses currently available. Select the license to be used by the new user you are creating.

After pressing Save, the new user is added to the users file (if the type is not the defaultUserLicense type).

Enable the New Account Creation form

Administrators may optionally configure a Polarion installation to enable new users to self-create a new user account. When the system is so configured, the portal log on page displays the following link:

Portal log on page may allow new users to explicitly create a new account.

When users click the link, a form appears which enables the user to specify account credentials, including user name, password, and email address for receiving notifications. When the form is submitted, the log on page appears again and the user can log on with the new credentials.

In cases where more than one product license is present on the server, it is also possible to configure which license type is used by new users who self-create an account from the portal log on page.

Enable the Create a New Account form:

This configuration is performed in the system properties file polarion.properties (follow link for location). To enable the new account form, feature set the enableCreateAccountForm option to true. To specify the license (or license group) for accounts created via the new account form, use the licenseForNewUserAccount property (see comments in the properties file for information about values). You can also specify the minimum length for passwords (minimalPasswordLength option) and role(s) for new users rolesForNewUserAccount option.

Configure User Auto-create

The Auto-create feature makes it possible for new users to create user accounts by simply logging on to the portal. When Auto-create is enabled, then when a new user enters a user name and password in the portal log on page, a user account is automatically created, provided that the password supplied is valid for accessing the Subversion repository. The new user is also assigned the role(s) configured for new auto-created users. It is recommended to configure the Auto-create feature with at least a role that enables users to log on — the user role, for example.

  1. Log on with administrator permissions for the repository. Enter Administration if you are not already there after logging on.

  2. In Navigation, expand User Management and select Auto-create.

  3. In the User ManagementAuto-create page, select Enable Auto-create. The Global Roles list appears. The user role is selected by default.

  4. Specify the global (repository-scope) role(s) to automatically apply to all auto-created user accounts.

Warning:

Be sure you understand the roles and the permissions they grant to users, and recommended best practice for role assignments. For information, see Default Roles and Permissions.

If more than one license type is present on your server, you may want to configure the license to be assigned to new auto-created users. Specify the license in the licenseForNewUserAccount property in the polarion.properties file. (Windows: polarion/configuration/polarion.properties, Linux: %POLARION_HOME%/etc/polarion.properties). See the comments for this property in the configuration file for more information. Note that if concurrent license groups are defined in the global configuration, it is possible to specify a concurrent license group in the licenseForNewUserAccount property rather than a license. For information on these groups, see the embedded Quick Help in the License topic of global Administration.

Note:

For Auto-create, the user specified in the login parameter of the polarion.properties file must have write access rights for the repository folders /.polarion/user-management/users and /.polarion/security in Subversion. This is not configured in default access file. You can configure it in Administration User Management Access Management (topic available in Polarion only), or in the SVN access file directly.

Enable users to reset password

You can configure Polarion to display a link on the portal log on page that leads to some page you have set up for users to reset their password. You need to set two system properties in the polarion.properties system configuration file:

  • com.polarion.ui.login.resetPasswordLinkURL - The URL of your password reset page.

  • com.polarion.ui.login.resetPasswordLinkLabel - Link text to display on the portal log on page.

See also: Advanced System Tuning.

Modify existing user accounts

Here are several common modifications an administrator may be called upon to make to user accounts.

Access a user account:

  1. Log on with administrator permissions and enter the Administration interface.

  2. In the Navigation panel, select User Management : Users to load the Users table in the Working area.

  3. In the table, select the user account you want to modify. Remember that the user account you want may not be on the first page of the Users table of there are multiple pages. If necessary, use the Search field to search for the user's name.

Editing a user account:

After accessing the desired account, click the Edit button in the Detail Pane of the Working Area. The following fields are modifiable:

  • Full Name

  • Email

  • Password

Change a User's Password:

  1. Access the user account as described in Access a User Account.

  2. Open the account for editing using the Edit button.

  3. Enter the new password in the New Password field.

  4. Enter the new password again in the Re-enter Password field.

  5. Exit the Re-enter Password field to make sure your two entries match and correct the fields if they do not.

  6. Click the Save button to change the user's password.

Note:

For information about passwords and password characters, see Passwords.

Delete users

Repository administrators can delete a user provided that the user is not the Assignee of any Work Items. This is the only check performed. If a deleted user is created any Work Items, the ID of the deleted user appears italicized in the Author field of those items.

If Polarion is synchronized with LDAP, and a user is deleted via Polarion Administration, then the user's LDAP account is not deleted. The user cannot log on to Polarion anymore, but can still access the Subversion repository via an external client. Delete the user's account on LDAP if the user should not have continued access to the repository.

  1. Log on with administrator permissions for the repository.

  2. Go to Global Administration (open Repository, or click Global Administration if you are in project Administration).

  3. In Navigation, expand User Management and select Users.

  4. In the top portion of the Users page, select the user you wish to delete, either by browsing the list, or using the Search field.

    When the user is selected in the top portion of the page, the user's detail appears in the lower portion of the page.

  5. In the toolbar of the detail portion of the page, click Delete and respond to the confirmation prompt.

    If the button is disabled, it means the user has some Work Item(s) assigned and therefore cannot be deleted.

Resolve users who cannot be deleted:

If you find a user that cannot be deleted, you need to locate the Work Items assigned to him/her and either unassign or reassign the items.

  1. Note the ID of the user you wish to delete. Then open the Repository. If you are in Administration, click the link Return to Portal.

  2. In Navigation, select Work Items.

  3. In the Table view, enter the following query string into the Query Builder:

    assignee.id:[USER_ID]

    Where [USER_ID] is the ID of the user you wish to delete. This query returns all the Work Items in the repository for which the user is an Assignee.

  4. For each item, either unassign the user or reassign the item to a different user. Use Bulk Edit to select multiple Work Items and apply the change of Assignee to all selected items at once.

    Run the above query again to be sure there are no Work Items remaining assigned to the user.

After completing the above steps, you can return to Repository Administration where you should now be able to delete the user as described above.