E Granting Administrator Role to a Nondefault User

On Oracle WebLogic Server, the user named weblogic is the default domain administrator. While creating a domain, if you specify any other user as the domain administrator, that user is granted all the domain administrative rights. However, after creating the domain, you must manually grant the administrator role to that nondefault user for Oracle WebCenter Spaces and Oracle WebCenter Discussions applications. This appendix describes how to do this.

The appendix includes the following sections:

• Section E.1, "Granting Administrator Role for WebCenter Spaces"

• Section E.2, "Granting Administrator Role for Oracle WebCenter Discussions Server"

E.1 Granting Administrator Role for WebCenter Spaces

By default, for WebCenter Spaces, the administrator role is granted to the user weblogic. You can grant administrator role to a different user by using the Oracle Enterprise Manager Fusion Middleware Control or WebLogic Scripting Tool (WLST).

After you grant the administrator role to a different user, you must revoke the seeded administrative privileges granted to the user, weblogic.

E.1.1 Granting Administrator Role by Using Oracle Enterprise Manager

To grant the administrator role to a non-weblogic user by using Oracle Enterprise Manager Fusion Middleware Control:

1. Log on to the Oracle Enterprise Manager Fusion Middleware Control as the nondefault user whom you specified as the domain administrator while creating the WebCenter domain, as described in Section B.6, "Configure Administrator Username and Password Screen".

   For information about how to start Oracle Enterprise Manager, see the "Introduction to Oracle WebCenter Administration" chapter in the Oracle Fusion Middleware Administrator's Guide for Oracle WebCenter.

2. Under WebLogic Domain, select Security, and then Application Roles.

3. Search for the Admin application role s8bba98ff_4cbb_40b8_beee_296c916a23ed.

4. From the search results, under the Role Name column, click the link for s8bba98ff_4cbb_40b8_beee_296c916a23ed. (Figure E-1)

   Figure E-1 Application Roles

   
   Description of "Figure E-1 Application Roles"
   
   

5. Under Users, click Add User.

6. In the User Name box, enter the user name that you want to search and then click the search icon.

7. From the Available Users list, select the desired user name and then click Move. (Figure E-2)

   Figure E-2 Adding a User to an Application Role

   
   Description of "Figure E-2 Adding a User to an Application Role"
   
   

8. Click OK.

9. Under Users, click the weblogic link.

10. Click Delete.

11. Click Yes to remove weblogic from the administrator role. (Figure E-3)

    Figure E-3 Removing weblogic from the Administrator Role

    
    Description of "Figure E-3 Removing weblogic from the Administrator Role"
    
    

12. Click OK.

13. Restart the WLS_Spaces managed server.

14. Log on to the WebCenter Spaces application as the nondefault user whom you assigned the administrative privilege.

    In the WebCenter Spaces application, presence of the Administration link in the toolbar of useful links across the top of the page indicates that you have logged on as an administrator.

    Figure E-4 Administration Link in WebCenter Spaces

    
    Description of "Figure E-4 Administration Link in WebCenter Spaces"
    
    

E.1.2 Granting Administrator Role by Using WLST

To grant the administrator role to a nondefault user by using the WLST command:

1. Start WLST. For information, see the "Oracle WebLogic Scripting Tool (WLST)" section in the Oracle Fusion Middleware Administrator's Guide for Oracle WebCenter.

2. Connect to the Oracle WebLogic Server instance.

   For example, use the following command:

   connect('weblogic_admin','welcome1','example.com:7001');

3. Grant the WebCenter administrator application role to the desired user.

   For example, use the following command to grant the administrator role to the user weblogic_admin :

   grantAppRole(appStripe="webcenter",appRoleName="s8bba98ff_4cbb_40b8_beee_296c916a23ed#-#Administrator", principalClass="weblogic.security.principal.WLSUserImpl",principalName="weblogic_admin")

4. Revoke the seeded grants from the user, weblogic.

   For example, use the following command:

   revokeAppRole(appStripe="webcenter",appRoleName="s8bba98ff_4cbb_40b8_beee_296c916a23ed#-#Administrator", principalClass="weblogic.security.principal.WLSUserImpl",principalName="weblogic")

5. Restart the WLS_Spaces managed server.

6. Log on to the WebCenter Spaces application as the non-weblogic user whom you assigned the administrative privilege.

E.2 Granting Administrator Role for Oracle WebCenter Discussions Server

By default, Oracle WebCenter Discussions uses a database for user identity management. The default user weblogic is the super administrator for the entire Oracle WebCenter Discussions application. This section describes how to create a user and grant administrator privileges to that nondefault user.

E.2.1 Creating a User for Default Setup

Oracle recommends that you use Oracle Internet Directory as your LDAP-based identity store for integrating with WebCenter applications and supporting single sign-on. In case you are using the default setup, which is the Oracle WebCenter Discussions server database, then to make a nondefault user as an administrator, you must first create the user on Oracle WebCenter Discussions server and then assign administrative rights to that user.

To create a user on Oracle WebCenter Discussions:

1. Log on to Jive Forum Admin Console as weblogic/weblogic by using the following URL format:

   http://host:port/owc_discussions/admin

   Where host:port refer to the host and port number of the server to which Oracle WebCenter Discussions is deployed, and owc_discussions refers to your Oracle WebCenter Discussions domain.

2. Click the Users/Groups link in the list of links across the top of the page.

3. Click the Create User link on the navigation panel on the left.

4. On the Create User page, enter user details such as the user name, e-mail address, and password. (Figure E-5)

5. Click Create User.

   Figure E-5 Creating a User on Oracle WebCenter Discussions

   
   Description of "Figure E-5 Creating a User on Oracle WebCenter Discussions"
   
   

E.2.2 Granting the Administrator Role

To grant the administrator role to a nondefault user on Oracle WebCenter Discussions:

1. Access the following Jive Forum Admin Console URL: http://host:port/owc_discussions/admin

2. Log on with the default system administrator credentials, weblogic/weblogic.

3. Click the Settings link in the list of links across the top of the page.

4. Click the Admins/Moderators link, if not selected, in the navigation panel on the left.

5. On the Admins & Moderators page, click the Grant New Permissions tab.

6. Select the System Admin checkbox.

7. Select the A Specific User checkbox and specify the user to whom you want to grant administrative privilege for Oracle WebCenter Discussions.

8. Click Grant New Permission.

   You can now log on to Oracle WebCenter Discussions as the user whom you have assigned the administrative privilege.

   Figure E-6 Granting the Administrator Role on Oracle WebCenter Discussions

   
   Description of "Figure E-6 Granting the Administrator Role on Oracle WebCenter Discussions"
   
   

E.2.3 Revoking Administrator Role from the Default User

After assigning the administrator role to the required nondefault user, you may want to revoke the administrator role from the default user, weblogic.

To revoke the administrator role from the user weblogic:

1. Log on to Jive Forum Admin Console as the nondefault user whom you assigned the administrator role.

2. Click the Settings link in the list of links across the top of the page.

3. Click the Admins/Moderators link, if not selected, in the navigation panel on the left.

4. On the Admins & Moderators page, under the Permission Summary tab, uncheck the System Admin checkbox for the weblogic user. (Figure E-7)

   Figure E-7 Revoking the Administrator Role

   
   Description of "Figure E-7 Revoking the Administrator Role"
   
   

5. Click Save Changes.

   The administrative privileges for managing Oracle WebCenter Discussions are now revoked from the user weblogic.

You may want to change the default password of the user weblogic. To change the password:

1. Log on to the Jive Forum Admin Console as an administrator.

2. On the Admins & Moderators page, under the Permission Summary tab, click the weblogic link.

3. On the User Profile page, click the edit user settings link.

4. Click the Change Password link. (Figure E-8)

   Figure E-8 Changing Password

   
   Description of "Figure E-8 Changing Password"
   
   

5. Enter the new password in the New Password and Confirm Password fields.

6. Click Change Password.