Built-in Users and Roles

Loftware Enterprise SP includes built-in administrator users, non-interactive users, and roles.

Administrator Users

The following administrator users are installed with Loftware Enterprise SP. These users cannot be deleted.

User Description

SuperAdmin

This is the default administrator user. This user can do anything within Loftware Enterprise SP.

ClientAdmin

This is the default administrator user for customers using Loftware Cloud Enterprise SP. This user is assigned the ROLE_ADMINISTRATOR role and can configure users and system settings for their instance of Loftware Enterprise SP.

SystemAdmin

This is the default administrator user for Loftware Cloud Operations using Loftware Cloud Enterprise SP. This user is assigned the LICENSE_ADMIN_ROLE and ROLE_ADMINISTRATOR roles.

Non-Interactive Users

The following non-interactive users are installed with Loftware Enterprise SP. These users cannot be deleted or used to sign in to Loftware Enterprise SP.

User Description

AutoProvisionUser

This is the LDAP administration user. This user is assigned the ROLE_ADMINISTRATOR role and can create and modify users as well as add and remove users from groups.

Integration User

This user may be specified as the Run As for integrations. This user is assigned the INTEGRATOR role.

jvmAdmin

This is the JVM (server) administration user. This user is assigned the JVM_MANAGEMENT role.

MultiSiteAdmin

This is the multi-site administration user. This user is assigned the MULTISITE_MANAGEMENT role.

Built-in Roles

The following roles are installed with Loftware Enterprise SP. These roles cannot be deleted. You can use the built-in roles to assign permissions to users, or you can create custom roles. Custom roles can be created using the Create Role or Copy Role functionality.

Role Description

DEVICE_ADMIN

This role is granted the permissions needed to create, modify, and delete devices. Permissions include Read for everything except Facility, Groups, Roles, and Tag Categories; Write for Device Groups, Devices, Folders, JVM Processes, Remote Sites, and Servers; Create for Device Groups, Devices, Folders, Jobs, and Remote Sites; Delete for Device Groups, Devices, Folders, and Remote Sites; Administration for Device Groups, Devices, Folders, and Remote Sites; and Print for Data Services, Device Groups, Devices, Documents, Jobs, JVM Processes, Processes, and Servers.

DOCUMENT_APPROVER

This role is granted the permissions needed to view and print label templates and layer objects, progress or fail a step in a workflow, and approve and publish label templates and layer objects. Permissions include Read for everything except User Profiles and Users; Write for Folders; Create for Jobs; Design Print and Print permissions for Data Services, Device Groups, Devices, Documents, Jobs, and Processes; Print permission for Integrations, JVM Processes, and Servers; and Publish for Documents.

DOCUMENT_DESIGNER

This role is granted the permissions needed to create label templates and layouts and import images. Permissions include Read for everything except Facility, Groups, Roles, and Tag Categories; Create for Documents, Folders, and Jobs; Write and Delete for Documents and Folders; Print and Design Print permissions for Documents, Data Services, Device Groups, Devices, Jobs, and Processes; and Print permission for JVM Processes.

DOCUMENT_PRINTER

This role is granted the permissions needed to act as a Data Provider so that the user can read and print label templates and other objects. A Data Provider is a person or process that enters data into a form or other data entry view for a label that was configured by a Designer. A user acting as a Data Provider requires the DOCUMENT_PRINTER role or equivalent permissions. Permissions include Read for everything except Facility, Groups, Remote Sites, Roles, Tag Categories, and Catalogs; Create permission for Jobs; and Print permission for Documents, Data Services, Jobs, Device Groups, Devices, and Processes.

DOCUMENT_REVIEWER

This role is granted the permissions needed to view and print label templates and layer objects and progress or fail a step in a workflow. Permissions include Read for everything except User Profiles and Users; Create for Jobs; Design Print and Print permissions for Data Services, Device Groups, Devices, Documents, Jobs, and Processes; and Print permission for Integrations and JVM Processes.

INTEGRATOR

This role or equivalent permissions are required by any user account that is selected as the Run As user for an integration. Such accounts are typically not interactive. Permissions include Create for Catalogs and Jobs; Write for Catalogs; Read for everything except Remote Sites; and Print permission for Data Services, Devices, Documents, Device Groups, Jobs, Processes, Integrations, and JVM Processes. This role is read-only.

JVM_MANAGEMENT

This role or its equivalent is required by the jvmAdmin user for internal product management. You do not need to assign it to any users.

LOCAL_ADMIN

This role is granted most administrator permissions except for those needed for deleting servers and server processes in a distributed services environment. The LOCAL_ADMIN role includes the permissions for a DOCUMENT_DESIGNER and a DOCUMENT_PRINTER, as well as the permissions necessary to act as a Data Service Administrator. A Data Service Administrator is a local administrator who creates and configures data services for use by Designers who configure Database data sources and Alternate data sources. By default, all pages are displayed to users with this role.

MULTISITE_MANAGEMENT

This role or its equivalent is required by the MultiSiteAdmin user for internal product management of multi-site deployments of Loftware Enterprise SP. You do not need to assign it to any users.

OBJECT_PROMOTER

This role is granted the permission needed to perform object promotion in System Management > Object Promotion. A user with this role must also have object access permissions for the objects they want to promote. For more information, see Object Access Permissions.

REPORTING_ADMIN

This role is granted the permission needed to access administrator features in Business Intelligence. If your reporting admins have other responsibilities in Loftware Enterprise SP, you will need to assign an additional role.

Note: Functionality related to Business Intelligence is available only if your Loftware Enterprise SP license has the Business Intelligence component enabled.

REPORTING_USER

This role is granted the permission needed to access Business Intelligence. This role has no permissions on Loftware Enterprise SP objects. If your reporting users have other responsibilities in Loftware Enterprise SP, you will need to assign an additional role.

Note: Functionality related to Business Intelligence is available only if your Loftware Enterprise SP license has the Business Intelligence component enabled.

ROLE_ADMINISTRATOR

This role is granted the permissions needed to create, modify, and delete other roles. It cannot be altered, and its permissions are not displayed.

Note: Only the SuperAdmin and SystemAdmin users can assign or remove this role to or from a user.