Set up user accounts in IBM BPM

IBM BPM, V8.0.1, All platforms > Install and configure IBM BPM > IBM BPM Advanced: Process Server > Install and configure IBM BPM Advanced: Process Server > On Windows > Stand-alone environment > Modify an existing installation
Set up user accounts for stand-alone configurations

You can use an internal security provider in IBM BPM to create and maintain users and groups. Additionally, you can combine the internal security provider with an external security provider such as Lightweight Directory Access Protocol (LDAP).
About this task
The internal security provider in IBM BPM includes several default users and groups. When you use the internal security provider with an external provider, the users and groups from both providers are available for selection.Important: Do not remove the default IBM BPM administrator account, tw_admin, or the default administrator group, tw_admins.
You cannot administer servers and users without these default accounts. To change the password for the tw_admin account, see Manage default users and groups.
The best way to manage security in IBM BPM is by using groups.
For example, to grant administrative access to IBM BPM, add preexisting groups of users from your external security provider to tw_admins, which is a IBM BPM group whose members have administrative access to IBM BPM product components by default. Then, when changes are required, you can add or remove individual users from the groups that exist in your external security provider. This practice ensures that the security maintenance that you perform in your external provider does not require additional work in IBM BPM.
Procedure

To set up your user accounts for stand-alone configurations when you initially configure IBM BPM servers:

To access the Process Admin Console, in your web browser, go to http://[host_name]:[port]/ProcessAdmin . Log on using the default administrative account (tw_admin) and the default password (tw_admin).
Optional: Create the different types of users and groups that your users will need in IBM BPM.
Add members to the default IBM BPM groups or groups that you have created. You can add users and groups from any configured external provider, such as LDAP, and internal IBM BPM users and groups.
Add the users and groups who need access to the repository, and grant administrative access to the appropriate users. Then establish who can access each process application and toolkit. The best way to grant access to the repository is to add members to the default group, tw_authors.
Parent topic: Modify an existing installation Related information:
Manage default users and groups
Access the Process Admin Console
Create and maintaining users for a stand-alone server
Create and maintaining users for a deployment environment server
Create and managing groups