CA Business Intelligence Default User Groups

Manage Users and Groups › CA Business Intelligence Default User Groups

CA Business Intelligence Default User Groups

To provide customer flexibility to create and assign users and for effective and easier security maintenance, CA Business Intelligence provides the following default user groups with a default set of permissions.

Note: If a user is part of more than one group, then the group having the lower permission level gets preference.

CA Reports Admin

Users in this group are the administrators for the CA Reports and CA Universes folders, explicitly granted all the rights on these folders.

CA Reports Author

Users in this group are granted rights to access, create, edit, copy, move, or schedule any of the objects in the CA Reports folder. This group does not have rights to delete any of the existing objects and instances except those objects that the user created and owns in the CA Reports folder.

CA Reports Viewer

Users in this group are granted rights to view and schedule any of the objects in the CA Reports folder. This group does not have access to create, edit, or delete any of the existing objects or instances in the CA Reports folder.

CA Reports Instance Viewer

This group is granted rights to access only the scheduled instances objects in the CA Reports folder. Users in this group cannot access the reports on-demand or create, edit, delete, or schedule any of the existing objects or instances in the CA Reports folder.

CA Universe Developer

This group is specifically for Universe development. Users in this group have full control to the CA Universes folder.

Those users who develop both reports and Universes must be part of both this group and CA Reports Author group.

The following table provides the explicitly granted and denied permissions (at granular level) for the default groups for the CA Reports folder:

Access Rights	CA Reports Admin	CA Reports Author	CA Reports Viewer	CA Reports Instance Viewer
Securely modify rights users have to objects that the user owns.	√	√	×	×
Schedule to destinations	√	√	√	×
Schedule document that the user owns to run	√	√	√	×
Delete instances that the user owns	√	√	×	×
Copy objects to another folder	√	√	×	×
Delete objects that the user owns	√	√	×	×
Use access level for security assignment	√	√	×	×
View objects that the user owns	√	√	√	×
Add objects to the folder	√	√	×	×
Replicate content	√	√	×	×
Pause and Resume document instances	√	√	√	×
View document instances	√	√	√	√
Securely modify right inheritance settings	√	√	×	×
Schedule objects that the user owns to destinations	√	√	√	×
Use access level that user owns for security assignment	√	√	×	×
Edit objects that the user owns	√	√	×	×
Delete instances	√	×	×	×
View objects	√	√	√	×
Define server groups to process jobs	√	√	×	×
Add objects to folders that the user owns	√	√	×	×
Define server groups to process jobs for objects that the user owns	√	√	×	×
Reschedule instances that the user owns	√	√	√	×
Schedule document to run	√	√	√	×
Schedule on behalf of other users that the user owns	√	√	√	×
View document instances that the user owns	√	√	√	√
Delete objects	√	×	×	×
Securely modify right inheritance settings for objects that the user owns	√	√	×	×
Schedule on behalf of other users	√	√	√	×
Modify the rights users have to objects that the user owns	√	√	×	×
Edit objects	√	√	×	×
Pause and Resume document instances that the user owns	√	√	√	×
Modify the rights users have to objects	√	√	×	×
Reschedule instances	√	√	√	×
Securely modify rights users have to objects.	√	√	×	×
Copy objects that the user owns to another folder	√	√	×	×

Note: CA Reports is a high-level folder. Users assigned to the default groups inherit access to the subfolders inside the CA Reports folder. To overwrite the inheritance feature on a specific subfolder inside the CA Reports folder, a new group must be created that includes specific access rights per the requirements. Users must be assigned to this newly created group, rather than the default user group created for the CA Reports folder.