The Digital.ai Agility application ships with a built-in user with the username "admin". This user is, by default, granted a System Admin role in the "System (All Projects)" container project, which would give this user inherited System Admin roles in all projects created in the system.
In the database, the default admin user account is
OID = Member:20, so you will always be able to find it in a direct database query, or if you need to reset the password.
The default admin user account also does NOT consume a license. It will not count against your existing license count, so there is not really a need to disable it for license reasons.
The default admin user account can be controlled the same as any other user in the system. Another System Admin can change its roles in projects, and even remove them from projects. It is not a super-user account in that respect, as it has to obey the roles and permissions of the application the same as everyone else.
You can assign work to the default admin user account and the user can participate in all the processes the same as any other user.
You can inactivate the default admin user account if that is your choice. You can also rename the username, change the password, and modify any field of the user record as well. The system identifies it by the OID (
Member:20) and not the username or any other info. We strongly recommend against changing this record though (other than the password) and in our experience, it is best to not use the default admin user account as a regular user. The reason is because if you experience license issues, then the default admin user account would be the only account that can log in, and that is necessary to troubleshoot issues.
The default admin user account is not an all-powerful user. The only things that separates it from a normal user with System Admin roles and privileges is:
- it does not consume a license and comes with the default System Admin role in System (All Projects).
- it is the only account that can log in once your V1 license expires or when the number of users in V1 exceeds the number of licensed users.
In the latter case, the admin can be used to inactivate some users to bring the number of active users back in compliance with license limits and allow other active users to use the system.
As far as actual work in projects or in the backlog, it cannot do anything else that a normal System Admin can do.
If you have modified the default admin user account and need to recover it or reset the password, please contact firstname.lastname@example.org and we can help with that process.
Windows Integrated Authentication and the Admin account
When a local install has configured Windows Integrated Authentication as their primary authentication method, there is a step during the install process where the admin doing the install is asked to input a domain user's credentials to link that account to the
OID = Member:20 admin account.
This will setup that OID so that when the user logs in they will log in to V1 as the default admin user. Their user account is basically attached to that OID=20 user record.
That user now has all the abilities that were discussed above. Some teams choose to attach a system user to that record rather than an actual person. This is entirely up to your team.
When using SSO in a hosted instance, the
OID=Member:20 account will behave the same way. The record will have a user attached to it during the SSO setup. This would be discussed during the initial SSO setup call with our Hosted Production team.