Managing Users - 6.3

Talend Administration Center User Guide

EnrichVersion
6.3
EnrichProdName
Talend Big Data
Talend Big Data Platform
Talend Data Fabric
Talend Data Integration
Talend Data Management Platform
Talend Data Services Platform
Talend ESB
Talend Real-Time Big Data Platform
task
Administration and Monitoring
Deployment
EnrichPlatform
Talend Administration Center

Warning

Only users that have the Administrator role and rights can have read-write access to this page. For further information on access rights, see User roles/rights in the Administration Center.

From the Users page, you can manage the users of Talend Studio stored in the remote repository.

Note that once Single-Sign On is enabled, you will not be able to manage from Talend Administration Center all the user settings handled by the Identity Provider, such as user passwords, project types on which users are assigned or user roles.

Accessing the users' list

To access the list of user accounts, click Users in the Menu tree view. This list displays all accounts whether they are Administrators, Operation managers, Designers or Viewers.

When you access this list for the first time, and if SSO was not enabled, only the default administrator account shows on the list.

The account list provides the following pieces of information for each user. If SSO was enabled, some fields might be read-only.

Column

Description

Login

User's email address used to login to the remote repository of Talend Studio.

Role

Administrator, Operation manager, Designer and Viewer. For more information, see User roles/rights in the Administration Center.

Group

Group to which the user has been added. For more information, see Grouping users by user type.

Last Name

Last name of the user.

First Name

First name of the user.

Type

Data Integration/ESB, Data Quality and Master Data Management according to the license you set in Talend Administration Center. For more information, see What domains can you work in depending on your user type and license.

Active

The user account is activated when the corresponding Active column is filled with . If an account is deactivated, the icon displays and the user can not access Talend Administration Center and/or Talend Studio.

Logged in

Indicates which users are logged in the Talend Studio ( icon) and Talend Administration Center ( icon) and for what period of time.

Creation

The creation date of the account in Talend Administration Center.

SVN/Git login

The user login to SVN/Git. Note that this user must have been previously created in SVN/Git.

If you use the LDAP system to handle the SVN and Git credentials, these credentials must be edited through LDAP as Talend Administration Center will automatically retrieve the changes performed.

Note

New designer users, not created by the Administrator, can appear in the list and consume users from the license. Those designers are created from Talend Studio when users create their sandbox project. For more information on how users create sandbox projects, see Talend Studio User Guide and for more information on how to manage sandbox projects, see Managing sandbox projects in the present User Guide.

The buttons on the toolbar of the Users page allow you to refresh the display of the account list, add a new account, duplicate an account which already exists, delete one or more accounts and import users.

The right panel of the Users page allows you to create new user accounts and to modify selected accounts. For more information, see Adding a user and Editing a user.

The two areas, Data and Connection stats, in this panel display more detailed information about the selected account. For more information, see Displaying the connection information of a user.

You can hide/show this panel by clicking respectively the and the buttons located in the upper right corner of the panel.

Adding a user

To add users, you can:

  • add new user accounts from the Users page of Talend Administration Center.

  • create users with LDAP. Creating a user account with LDAP is slightly different from the default operation. With LDAP, only the Distinguished name and the role are required, while with the default operation, the First name, Last name and Password are all required.

    When you want to use the LDAP system to list and authenticate users, you must first activate LDAP authentication on the Configuration page of Talend Administration Center. For more information on activating LDAP authentication, see Setting up an LDAP(S) protocol.

  • create users via an Identity Provider system (Okta, SiteMinder).

    Note that once Single-Sign On is enabled, you will not be able to manage from Talend Administration Center all the user settings handled by the Identity Provider, such as user passwords, project types on which users are assigned or user roles.

    When you want to use an Identity Provider system to list and authenticate users, you must first activate both SSO and Role Mapping on the Configuration page of Talend Administration Center. For more information, see Enabling SSO.

You cannot activate both LDAP and SSO at the same time as user management needs to be handled either in LDAP or in your Identity Provider.

For more information on the user creation modes, see the following sub-sections.

How to add a user (default)
  1. On the Users page, click Add to create a new account. You can create a Viewer, Designer, Operation Manager, Administrator or a user with several of these roles.

  2. In the Data panel to the right, fill in the following information.

    Field

    Description

    Login

    Type in the user's email address that will be used to log on to the remote repository of Talend Studio.

    First Name

    Type in the user's first name.

    Last Name

    Type in the user's last name.

    Password

    Type in a password for this account.

    SVN/GIT login

    Type in the SVN or GIT login (or both, depending on where your projects are stored) in order for the user to commit the modifications made on Talend Studio with this SVN/GIT login instead of the default one.

    Note that the login and password must correspond to a user that has been previously created in SVN/GIT.

    SVN/GIT password

    Type in the SVN/GIT password corresponding to the SVN/GIT login.

    Note that the login and password must correspond to a user that has been previously created in SVN/GIT.

    Type

    Select the type of project the user will be working on depending on the license you set in Talend Administration Center. For more information, see What domains can you work in depending on your user type and license.

    Note

    If the license set in Talend Administration Center is a Data Integration or ESB license only, this field will not display as there will not be other types available.

    Role

    Click to open a dialog box where you can select from the list the check box of the user role(s) you want to assign to the selected user. You can assign the user several roles at the same time. To do so, select the check boxes of the roles you want to assign to the selected user and click Validate in the dialog box.

    Note that if you enabled the Role Mapping option in the SSO node of the Configuration page, this field might be automatically filled. For more information, see Enabling SSO.

    The role(s) will define the read and write privileges relating to the management of all entities in Talend Administration Center. For more information on user roles, see User roles/rights in the Administration Center.

    Group

    Click to open a dialog box where you can select from the list the check box of the user group(s) in which you want to add to the selected user.

    Note that the user group must have been previously created. Once created, this group can be assigned to a project of the same type. For more information on user roles, see User roles/rights in the Administration Center.

    Active

    Activate/deactivate an account to enable/disable the selected user to access Talend Administration Center and/or Talend Studio.

  3. Click Save to validate the creation of the new user or click Cancel to cancel it.

To perform this action via the MetaServlet application, use the createUser command. For more information about the MetaServlet parameters, see Parameters and actions in metaServlet.

How to add a Data Preparation user

Talend Administration Center allows you to add Data Preparation user accounts to the web application. These users can either be related to Talend Data Preparation only, or to hybrid projects with both Data Preparation and other project types (Data Integration for example).

Prerequisite: Your license includes Data Preparation user types.

How to add a user with Data Preparation type

This type of user only has a read-write access to the User Settings of Talend Administration Center and can be assigned to a Data Preparation user group type. For more information on user groups, see Grouping users by user type.

  1. On the Users page, click Add to create a new Data Preparation user account.

  2. In the Data panel to the right, fill in the following information:

    Enter the user's name, login (email address) and password for this account.

    Click next to the Role field to open a dialog box where you can select from the list the check box of the role(s) you want to assign to the selected user.

    Click next to the Group field to open a dialog box where you can select from the list the check box of the user group(s) in which you want to add the selected user.

  3. Select the Data Preparation User check box to set this account as a Data Preparation account.

  4. Set the Data Preparation user Type to No Project access as this user is not linked to any projects and will only work in Talend Data Preparation.

  5. Click next to the Data Preparation Role to open a dialog box where you can select from the list the check box of the Data Preparation role(s) you want to assign to the selected user.

  6. Click Save to validate the creation of the new user.

How to add a hybrid Data Preparation user

This type of user cannot be assigned to a Data Preparation user group type, but it can be assigned to the user group type corresponding to its own user type (a hybrid Data Preparation/Data Integration user can be assigned to a Data Integration user group, for example). For more information on user groups, see Grouping users by user type.

  1. On the Users page, click Add to create a new Data Preparation user account.

  2. In the Data panel to the right, fill in the information as described in the previous procedure, but select in the Type field the type of project the Data Preparation user will be working on depending on the license (Data Integration/ESB, Data Quality or Master Data Management).

    Note that if you enabled the Role Mapping option in the SSO node of the Configuration page, these fields might be automatically filled. For more information, see Enabling SSO.

  3. Click Save to validate the creation of the new user.

To perform this action via the MetaServlet application, use the createUser command and define the dataPrep and dataPrepRole arguments. For more information about the MetaServlet parameters, see Parameters and actions in metaServlet.

For more information on how to add a Data Preparation user with LDAP, see How to add a user with LDAP.

How to add a Data Stewardship user

Talend Administration Center allows you to define Data Stewardship users and assign them predefined roles. This makes the user list accessible from Talend Data Stewardship where users can be assigned to specific campaigns and tasks.

These users can either be related to Talend Data Stewardship only, or to hybrid projects with both Data Stewardship and other project types (Data Quality for example).

Prerequisite: Your license includes Data Stewardship user types.

How to add a user with Data Stewardship type

This type of user only has a read-write access to the User Settings of Talend Administration Center and can be assigned to a Data Stewardship user group type. For more information on user groups, see Grouping users by user type.

  1. On the Users page, click Add to create a new Data Stewardship user account.

  2. In the Data panel to the right, fill in the following information:

    Enter the user's name, login (email address) and password for this account.

    Click next to the Role field to open a dialog box where you can select from the list the check box of the role(s) you want to assign to the selected user.

    Click next to the Group field to open a dialog box where you can select from the list the check box of the user group(s) in which you want to add the selected user.

  3. Select the Data Stewardship User check box to set this account as a Data Stewardship account.

  4. Set the Data Stewardship user Type to No Project access as this user is not linked to any projects and will only work in Talend Data Stewardship.

  5. Click next to the Data Stewardship Role to open a dialog box where you can select from the list the check box of the Data Stewardship role(s) you want to assign to the selected user.

  6. Click Save to validate the creation of the new user.

How to add a hybrid Data Stewardship user

This type of user cannot be assigned to a Data Stewardship user group type, but it can be assigned to the user group type corresponding to its own user type (a hybrid Data Stewardship/Data Quality user can be assigned to a Data Quality user group, for example). For more information on user groups, see Grouping users by user type.

  1. On the Users page, click Add to create a new Data Stewardship user account.

  2. In the Data panel to the right, fill in the information as described in the previous procedure, but select in the Type field the type of project the Data Stewardship user will be working on depending on the license (Data Integration/ESB, Data Quality or Master Data Management).

    Note that if you enabled the Role Mapping option in the SSO node of the Configuration page, these fields might be automatically filled. For more information, see Enabling SSO.

  3. Click Save to validate the creation of the new user.

To perform this action via the MetaServlet application, use the createUser command and define the tds and tdsRoles arguments. For more information about the MetaServlet parameters, see Parameters and actions in metaServlet.

For more information on how to add a Data Stewardship user with LDAP, see How to add a user with LDAP.

How to add a user with LDAP

Prerequisites :

  • To create a user that is authenticated using the LDAP directory, you must first activate LDAP authentication from the Configuration page. For more information, see Setting up an LDAP(S) protocol

  • To activate LDAP over SSL (LDAPS) authentication, you also need to have configured the corresponding keystore. For more information, see the Talend Installation Guide.

For more information on how to configure the keystore for LDAPS, see the Talend Installation Guide.

Once LDAP authentication is activated, proceed as follows to create an authenticated user.

  1. On the Users page, click Add on the toolbar to create a new account. This can be a Viewer, an Operation Manager, a Designer, an Administrator or several of these roles.

  2. On the Data panel to the right, complete the following information:

    Field

    Description

    Distinguished name

    Fill in the user name to authenticate the user and retrieve the corresponding connection information (Login, First name, Last name and Password).

    Type

    Data Integration/ESB, Data Quality and Master Data Management according to the license you set in Talend Administration Center. For more information, see What domains can you work in depending on your user type and license.

    Role

    Click to open a dialog box where you can select from the list the check box of the user role(s) you want to assign to the selected user.

    Note

    You can assign the user several roles at the same time. To do so, select the check boxes of the roles you want to assign to the selected user and click Validate in the dialog box.

    The role(s) will define the read and write privilege on the management of all entities in Talend Administration Center. For more information on user roles, see User roles/rights in the Administration Center.

    Data Preparation User

    Select the Data Preparation User check box to set this account as a Data Preparation account and to assign the user the corresponding Data Preparation role(s).

    Data Stewardship User

    Select the Data Stewardship User check box to set this account as a Data Stewardship account and to assign the user the corresponding Data Stewardship role(s).

    Group

    Click next to the Group field to open a dialog box where you can select from the list the check box of the user group(s) in which you want to add the selected user. For more informations, see Grouping users by user type.

    Active

    Activate/deactivate an account to enable/disable the selected user to access Talend Administration Center and/or Talend Studio.

  3. Click Save to validate the creation of the new user or click Cancel to cancel it.

    When you click Save, Talend Administration Center searches for the indicated name in the LDAP server. If this user is found on the server, it will be created on Talend Administration Center and the user's information (Login, Email, First name, Last name, Password, Svn Login and Svn Password) will be retrieved. If this user does not exist in the LDAP server, a warning will appear to inform you that the user is not created in Talend Administration Center and it does not exist in the LDAP server.

    If you use the LDAP system to handle the SVN and Git credentials, these credentials must be edited through LDAP as Talend Administration Center will automatically retrieve the changes performed.

    To learn about best practices regarding LDAP mappings for SVN and Git credentials, and their encryption in Talend Administration Center, see documentation on Talend Help Center (https://help.talend.com).

Displaying the connection information of a user

Select a user in the account list to display the connection information of the selected account in the Connection stats area of the Users page.

The displayed information is as the following:

Field

Description

To the Administration Center

First

Date of the first connection to the Administration Center

 

Last

Date of the last connection to the Administration Center

 

Number

Number of connections to the Administration Center

To the Studio

First

Date of the first connection to Talend Studio

 

Last

Date of the last connection to Talend Studio

 

Number

Number of connections to Talend Studio

To the Data Preparation

First

Date of the first connection to Talend Data Preparation

 

Last

Date of the last connection to Talend Data Preparation

 

Number

Number of connections to Talend Data Preparation

Importing user accounts from a file

You can import users from a file and integrate them directly in Talend Administration Center.

The file format used is json, for example:

{"role":["Administrator","Operation manager"],"lastname":"Schrute","login":"dschrute@talend.com","firstname":"Dwight","type":"MDM","password":"admin"}

The "role", "lastname", "login", "password", "firstname" and "type" fields are mandatory.

Note that this option is not available if SSO was enabled.

  1. On the toolbar of the Users page, click Import users. The [Import users] dialog box opens.

  2. Browse to the file that holds the accounts you want to import and click Upload.

    A confirmation message gives you the import status of each of the user accounts listed in the file.

  3. Click Close to close the confirmation message. The imported user accounts are listed in the account list, sorted by role.

Grouping users by user type

From the User Groups page of Talend Administration Center, you can organize existing users in groups based on their type (Data Integration/ESB, Data Quality, Master Data Management, Data Preparation, Data Stewradship). Once created, these groups can be assigned to projects of the same type.

User groups allow administrators to manage large amount of users by organizing them efficiently in order to assign them easily to corresponding projects.

Add users to a group

Prerequisite: You have already created several users of the same type from the Users page. For more information, see Adding a user.

  1. On the User Groups page, click the Add a user group button on the User Groups panel of the page.

  2. In the [User Group] window that opens, give a name, a type and corresponding roles (if necessary) to your user group, then click Save.

  3. On the Users panel of the page, select the users you want to add in your group, then drag and drop them in the corresponding group of the User Groups panel.

    Note that:

    • you can select multiple users with the Ctrl and SHIFT keys.

    • Master Data Management users can be added to Master Data Management, Data Quality or Data Integration groups, Data Quality users can added to Data Quality or Data Integration groups, and Data Integration users can only be added to Data Integration groups.

      For Talend Data Preparation and Talend Data Stewardship users: Data Preparation-only and Data Stewardship-only users (with no related project) can only be added to Data Preparation and Data Stewardship groups respectively, whereas hybrid users can only be assigned to the group type corresponding to their own user type (a hybrid Data Preparation or Data Stewardship+Data Integration user can be assigned to a Data Integration user group, for example).

    Your user group is created and populated with the users you have selected.

    To perform these actions via the MetaServlet application, use the createUserGroup, addUserToUserGroup and listUserGroup commands. For more information about the MetaServlet parameters, see Parameters and actions in metaServlet.

    Next step: Now that your user group is created, you can assign it to a project of the same type. For more information, see Authorizing users on projects.

Remove users from a user group

  • To remove a user from an existing user group, right-click the user from the Users panel of the User Groups page and click Remove assignment.

    Note that you can select multiple users to be removed with the Ctrl and SHIFT keys.

Editing or deleting a user account

Editing a user

Note that this option is not available if SSO was enabled.

  1. In the Menu tree-view, select Users to open the list of users.

  2. Select the user you want to edit from the list of users.

  3. In the Data area, modify the user details as needed, then click Save to validate the modification.

Activating/deactivating an account

You can activate/deactivate a user to enable/disable the selected user to access the Administration Center internal resources. If an account is deactivated, you cannot use the corresponding login to create another account.

Note that this option is not available if SSO was enabled.

  1. Select the user you want to activate/deactivate on the Users page.

  2. In the Data view, select/clear the Active check box, then click Save to validate the operation or click Cancel to ignore it.

Duplicating a user

To avoid creating a new user from scratch, you can duplicate an existing one and modify its metadata to create a new user in the list.

Note that this option is not available if SSO was enabled.

  1. On the Users page, select the user you want to duplicate.

  2. On the toolbar, click Duplicate. The Data area opens with a copy of the selected user that you can modify as needed.

  3. Click Save to validate the operation or click Cancel to cancel it.

Deleting an account

You cannot delete a user when the user to be deleted:

  • is currently connected to the application,

  • has locked items, for example, because the user is currently working on these items,

  • is the only active administrator user. There must always be at least one active administrator user.

If the user you deleted subscribed to notifications, he/she will automatically be removed from these notifications when you delete their accounts. If the deleted user is the only subscriber to the notification, this notification will be automatically deleted. For more information regarding notifications, see Managing notifications.

  1. On the Users page, select the user you want to delete.

  2. On the toolbar, click Delete. A confirmation dialog box appears.

  3. Click OK to remove the account from the account list.

Managing user sessions in Talend Studio, Talend Data Preparation and Talend Administration Center

From the Users page of Talend Administration Center, you can see which users are logged in the Talend Studio, in Talend Data Preparation and in Talend Administration Center and log them out if needed. This feature might be useful if your license includes users that can work simultaneously on the Studio or Talend Administration Center. For more information on concurrent users, see Managing licenses.

  1. On the user account list, select the user you want to log out and click the or icon on the Logged in column. The [Manage user sessions] dialog box opens and display the connection duration of the user to the Talend products.

  2. To log the user out of the Studio, click the Logout from Studio button next to the icon.

    To log the user out of Talend Administration Center, click the Logout from TAC button next to the icon.

    To log the user out of Talend Data Preparation, click the Logout from DataPrep button next to the icon.

    To log the user out of both applications, click Logout from all.