Create the MID Server user and grant the role

Watch

Save as PDF

Share this page

Feedback

Extend Now Platform capabilities

HomeVancouver Now Platform CapabilitiesExtend Now Platform capabilitiesManage instance data sourcesMID ServerInstalling the MID ServerCreate the MID Server user and grant the role

Table of Contents

Create the MID Server user and grant the role

Release version:
Vancouver
Yokohama
Xanadu
Washington DC
UpdatedAug 3, 2023
3 minutes to read

Vancouver
MID Server

The Vancouver release is no longer supported. As such, the product documentation and release notes are provided for informational purposes only, and will not be updated.

To communicate with the instance, MID Servers need a user ID and the appropriate role. Create the user ID for a MID Server and grant the ID the mid_server role. To prevent MID Server validation failure, the system runs business rules to monitor the settings selected for MID Server users.

Before you begin

Role required: admin

About this task

The MID Server connects to an instance by using the SOAP web service. To allow authentication with the instance, create a separate user account for each MID Server or share the same account across multiple MID Servers. Grant each MID Server user the mid_server role, which is required for the MID Server user on any instance on which basic authentication is enabled. The mid_server role allows the MID Server to access protected tables when strict SOAP security is in place. The system adds the necessary SOAP roles automatically with this role.

Note: The strict SOAP security feature, enabled by default for any instance that uses basic authentication, protects all tables with Access Control Lists (ACL).

Procedure

From the instance, navigate to User Administration > Users.
Click New.

Complete the fields in the form.

Search:


Field	Description
User ID	User name for the MID Server user. This name is specified in the mid.instance.username parameter of the configuration file that the MID Server installer creates. For details, see MID Server parameters.
First name	The user's first name.
Last name	The user's last name.
Password	Password for the MID Server user. This password is specified in the mid.instance.password parameter of the configuration file that the MID Server installer creates.

Right-click the header and select Save.
Under the Roles related list, click Edit.
Select the mid_server role for this user.
Each MID Server account must have this role to access protected tables.
Click Save.
Confirm that the MID Server account was created successfully and the account has connectivity to the instance.
1. On the host machine where you intend to install the MID Server, open a browser and navigate to the instance.
2. Use your new MID Server user credentials to log in.
  If the login is successful, then any MID Servers you install on that host will be able to connect to the instance.

MID Server role validation

Real-time system validation of MID Server role assignments prevents incompatible settings.

To prevent MID Server validation failure and ensure that your MID Server is configured correctly, the system runs several business rules that monitor the roles and settings you select for your MID Server user. The instance displays a warning and blocks the change when you attempt to save an incompatible configuration.

Elevated privileges not permitted

The mid_server role cannot be configured for elevated privileges. The Invalid MID Server settings business rule runs on the Role [sys_user_role] table and prevents the elevated_privileges field from being set to true for the mid_server role.

Relationship table protection

The User Role [sys_user_has_role] table creates the relationship between the User [sys_user] and the Role [sys_user_role] tables.

Incompatible role
The mid_server and security_admin roles are incompatible and cannot be assigned to the same user. The system determines the user's current role and runs the Security Admin incompatible with MID business rule on the User Role [sys_user_has_role] table. This rule prevents an administrator from adding the security_admin role for a user who currently has the mid_server role.
Figure 2. Warnings for incompatible security_admin role assignment
Incompatible user role and user record settings
The Incompatible MID Server user role business rule runs on the User Role [sys_user_has_role] table to protect its data from incompatible configurations. Validation for this related table ensures that an administrator cannot assign the mid_server role to a user who already holds the security_admin role.

What to do next

Download the MID Server files for your operating system.

Vancouver Now Platform Capabilities

Filters

Versions

Produkte