• Adding Users to Manifest
• Creating a New Manifest Group
• Removing Users from Manifest Groups
• Managing Users as an IDMC Sub-Org Admin

Adding users to Manifest

DoIT EI uses Manifest groups to give teams access to the UW-Madison Informatica Data Management Cloud (IDMC) environment.

1. Add your team member(s) to the Manifest group. See the documentation on Managing Manifest Group Members.
2. Have your team members log in to both the test and production environments. See the documentation on Log into IDMC and accessing multiple environments.
3. Notify our team at integration-platform@doit.wisc.edu once all group members have logged in to both orgs at least once. No further action on your part is required after this. We will provision your users to their user group within IDMC manually. This must be done by a member of the Integration Team or another IDMC admin.

Creating a new Manifest group

Manifest groups do not automatically have access to IDMC; permissions must be provisioned by the Integration Team.

1. Create a Manifest folder or choose an existing one. A Manifest folder is a prerequisite to creating a Manifest group. If you do not have (or wish to use) an existing Manifest folder, refer to the documentation on How to Create a Manifest Folder.
2. Create a Manifest group. Follow the documentation on how to Create a Group.
   • To keep the group easily identifiable, we recommend prefixing the group name with your department name (e.g., "DoIT-AIS-Enterprise-Integration-IDMC"). See the documentation on Manifest Group and Folder Naming Advice and Philosophy.
3. Grant Read and View privileges for your new Manifest group to our team's group, uw:org:ais:ais-admins. This allows our team to view the names of members in your group so that we can set up their accounts in IDMC. Follow these instructions.
4. Email our team at integration-platform@doit.wisc.edu with the Manifest group path (e.g., uw:org:ais:DoIT-AIS-Enterprise-Integration-IDMC). We will grant your team members access to IDMC.
   • We will also provide your IDMC User Group name, which you will use to restrict access to your team's assets in IDMC. Refer to the Set up asset permissions in shared IDMC environment.
5. Add users to the Manifest group. See the instructions above.
6. Wait for a response from our team. We will notify you once we have provisioned your Manifest group's access to IDMC.

Removing users from Manifest groups

1. To remove an IDMC user from your IDMC User Group, delete the member from your Manifest group. See the documentation on Managing Manifest Group Members.
2. Once you have removed the required members, email integration-platform@doit.wisc.edu with the IDMC User Group name and the NetID of the member to remove. DoIT EI will notify you when we have removed the user from your IDMC User Group.

Managing users as an IDMC sub-org admin

If you are the admin of an IDMC sub-org and would like to add, manage, or remove users, the process is mostly the same as for an end user of a non-sub-org. The instructions above still largely apply; however, you will need to manage some parts of this process yourself.

• When adding users to your organization, you must do so through a method automated via SAML. Do not add users directly through the IDMC Admin Portal.
• You will still need to grant Read and View privileges for your Manifest group to our team as described in the instructions above, and contact us to provision access to the sub-org.
• You will need to create a User Group within your sub-org to manage permissions. For more information, refer to the IDMC documentation on User Groups.
• After a user logs in to both the test and production environments individually, you must add them to the User Group corresponding to their Manifest group manually.
• When removing a user from the Manifest group, you must also remove them from the IDMC User Group manually.
• If you want to remove the user from the sub-org entirely, you will need to disable them. Refer to the IDMC documentation on disabling users.