To migrate security settings from uDeploy 4.8.5 or IBM® uDeploy 5.0 to IBM UrbanCode Deploy,
perform the following steps.
Before you begin
Before starting, read the
Security topic, which will
help you determine the number of teams you will need.
Note: If you are upgrading from a version prior
to 4.8.5 and you want to upgrade your security settings, you must first upgrade to 4.8.5 or 5.0
before performing this task. If you are upgrading the server but not your security settings, you
must be at version 4.8.3 or higher.
About this task
The security model in
IBM UrbanCode Deploy
represents significant changes from previous versions. The migration task enables you to secure
existing user-created objects instead of individually securing each object after
upgrading.
Note: This task should be complete before performing the upgrade.
Procedure
- Open the Migration page by navigating to the migration URL:
deploy_server_location/#migration/teams. For example:
https://company.com:8443/#migration/teams
- Open the User Roles pane to create
roles and assign permissions to them. For information about roles,
see Roles and permissions. Create at least one administrator-type
role with all permission, or at a minimum all Web UI permissions,
and the Add Team Members and Manage
Security permissions from the System security type.
For
information about security types, see Security types.
Note: The Execute permission is now only
used by the Environment security type, and you no longer have to grant
that permission to other types. In order to change or modify an item,
a user must have the corresponding Edit permission. You can lock items
by withholding the Edit permission from a role.
- Open the Teams pane to create teams
and add users and groups to them. All previously created users and
groups are available for assignment. For information about creating
teams and assigning users, see Security teams.
Note: Users must be assigned to
a role when added to a team, so roles must be defined before users
and groups can be added to teams.
- Open the Object-Team Mapping pane to map objects that can be secured to
the teams that will manage them. The secure-able object types can be seen in the following screen capture.
Figure 1. Obect-Team Associations pane
To map objects, perform the following steps:- Select the object type from the object-type list.
- Select all the objects you want to assign to the same team from the object list. The tph1 agent is selected in the accompanying figure. You can select
multiple items by holding down the Shift key when selecting an item. Use the filter boxes to limit
long lists.
- Click the Add Selected to Team button.
- From the Add a Team dialog box, select the team to which you want the selected objects
assigned, and the security type.
- Click Save.
Note: The Licenses type is not used and can be ignored.
- By default, manual tasks are configured to be useable by
any user. To limit a task to a specific role, open the Task
Security pane and associate the task with the role. Any application, component, or approval-type task used in a
process is available to use. To associate tasks with roles, perform
the following steps:
- Select the task type from the task-type list.
- Open the Configuration dialog box by clicking the Configuration button
for the task you want to use.
- Select a value from the Who can approve this
task list. Roles can be restricted by environment
or application.
Figure 2. Who can approve this
task list
- Select the role and security type for the task. If you specify the admin role, for example,
in order to use the object a user must be assigned the admin role.
Multiple roles can be selected.
- Save you work.
Results
After setting up security, you are ready to upgrade to
IBM UrbanCode Deploy. For
information about upgrading, see
Upgrading IBM UrbanCode Deploy. After the
upgrade, in addition to the teams you configured, a System team is created that has permissions
granted for all objects that can be secured. Anyone added to a role on the System team is granted
all permissions for its objects.