Enterprise Manager is the system administrator's primary tool for working with FileNet P8 security. By design, FileNet P8 applications like Workplace or Application Integration expose a subset of the full security interface required to completely understand and maintain FileNet P8 security.
Launching the Enterprise Manager
Enterprise Manager installs and runs only on machines running the Windows operating system. Anyone who can log on to the machine containing Enterprise Manager can launch Enterprise Manager. But EM itself will check the user's credentials by presenting a logon dialog box. The default and saved values in this dialog box are contained in a settings file named EMDomainConfig.xml.
So that administrative users can roam and login to Enterprise Manager from different workstations and also work with individualized, private copies of the settings file, the installed EMDomainConfig.xml is automatically copied to the logged in user's application data area. For example, in Windows XP and assuming Content Engine is installed to the default location, the file would be copied to:
C:\Documents and Settings\billg\Application Data\FileNet\ContentEngine\EMDomainConfig.xml
where "billg" is the user's login name. (Microsoft Vista uses a different location.)
When Enterprise Manager loads and tries to read connection information from EMDomainConfig.xml, it looks first in the user's ...\Application Data\ directory. If the file is not found, then EMDomainConfig.xml is copied from the Enterprise Manager installation area to the user's ...\Application Data\ directory where it is read from the new location.
NOTE EMDomainConfig.xml also stores configuration settings for FileNet Publishing Style Template Manager which also supports roaming logins as described above.
See Logon to a domain for more information.
Logging on to an object store
Each object store has its own ACL, comprised of the administrative users added to the Object Store Wizard's Specify Administrators page. Since each object store could have a different set of administrators, each object store requires a logon before the Enterprise Manager will make its features available, as explained below.
However, each object store displayed in the Enterprise Manager will check the user's access rights before making its full feature set available, as follows:
To access these menu items ... | ... you need this access right |
Expand object store tree | Object store: Full Control |
Object Store > Object Store name > Logon menu | Object store: Connect to store |
Object Stores > New Object Store menu |
Domain root: Create new stores |
Object Store > Delete menu | Domain root: Delete child objects |
Storage Areas > Delete menu Content Cache Areas > Delete menu |
Domain root: Delete child objects |
See Logon to object stores for information on how to logon.