Entitlement groups allow easier management of entitlements across a group of users. The entitlements that the group's users are allowed to access are defined by the Allowed Products list.
Users will be denied access to products outside of that defined list unless the user is in another group that allows access (see What happens if a user is in multiple Entitlement groups?).
If the Allowed Products list is empty, as it will be when first setting up a group, it's assumed that the configuration is still in progress, so the empty list is not applied. This means that users in the entitlement group will not be blocked from all products if the list is empty. It will try to apply previous configured exceptions from the old-style groups, if any exist, or apply the access setting from the country-level.
- How to create a new Entitlement Group
- How to enable Entitlement group changes
- How to add Allowed Products to restrict users in a group to a strict list of entitlements
- How to extend a user's entitlements to include the Entitlement country entitlements plus the group's list Allowed Products
- What happens if a user is in multiple Entitlement groups?
How to create a new Entitlement Group
To create a new Entitlement Group please follow the steps described in this article.
How to enable Entitlement group changes
To enable the changes described above, at least one product needs to be added to the Allowed Products list. Otherwise, all entitlements available to the account will remain available to the group users.
You can either add allowed Products or convert previously set entitlement group exceptions.
How to add Allowed Products to restrict users in a group to a strict list of entitlements
1) Login to https://subscriptionservices.bentley.com/ with a user that has an Account Admin or Co-Administrator role
2) Navigate to Entitlement/License Management (https://connect-entitlementmanagement.bentley.com/#!/Account/SubscriptionInformation) from the Enterprise portal Entitlement/License Management tile or left navigation menu
3) In the left navigation menu under the Users and Groups icon select Allowed Access Group https://connect-entitlementmanagement.bentley.com/entitlement/groups
4) Click on a previously created Entitlement group name and you will see the following:
5) Start typing in the product search and a dropdown will appear:
6 ) Select the Allowed Products tab, click on the Search field - there is a toggle to switch between 'All products' and 'Covered' products.
7) In the Search field search for an product that you want this group to HAVE access to. Select the product and click on a blue plus sign:
8) Selected product appears on the list. You can repeat this to add many products in one go:
9) Leave the option to Include Allowed products from the entitlement country turned off.
NB If this option is left off please note that the Entitlement group will only allow access to the Products added to that Entitlement group and no other products.
10) Once the group has at least one product in the Allowed Products list, all other products are blocked for Activation Keys and Group Users associated with this group.
How to extend a user's entitlements to include the Entitlement country entitlements plus the group's list Allowed Products
Follow the same steps to How to add Allowed Products to restrict users in a group to a strict list of entitlements, but enable the option to Include Allowed Products from the Entitlement country.
Turning on this option will provide the users in the group all of the ALLOWED entitlements (Products with default access "Denied" will not be included) from their Entitlements country plus any of the Allowed Products explicitly added to the group. Allowed Products added to the group will override any "Denied" access settings for the products that might have been set at the Header or Product level.
This is a good way to limit who can access certain products as they can be Denied for everyone else in the organization by using the Product-level or Default-level access controls and Allowed (by adding to the Allowed Product list) only for the users in a particular Entitlement group.
Include Allowed Products from the Entitlement country option is also shown in the Entitlement Groups list, Allowed Products Included column. Products column in the same page shows the number of products enabled for the Entitlement group. It does not add products from Entitlement Country when such are enabled.
Note: it's important to keep in mind that all Allowed entitlements are additive across all of a user's Entitlement groups. If a user is in multiple Entitlement groups, that user will have access to all of the Allowed entitlements defined by all of their groups together. If the option for Include Allowed Product from the Entitlement country is turned on for one of the user's groups, even if it's off for the other groups, the user will have access to all the Allowed products for their Entitlement country as well as all of the products in the Allowed Products list for all of their groups.
What happens if a user is in multiple Entitlement groups?
The same user can belong to several entitlement groups (all belonging to the same Entitlement Country). In such cases, the list of entitlements that the user is allowed to access is defined by all the groups together. In other words, products that are available to at least one group will be available to the user.
Example: a user belongs to two groups A and B. MicroStation is in the Allowed Products list in group A but not in group B. The user can use MicroStation.
Please ensure that users refresh their licensing policy either by logging out of Connection Client, logging back in again and from the license tool go to tools and refresh policy once any changes have been made to Entitlement groups. Licensing policy updates automatically after 4 hours once a user is logged into Connection Client. This needs to be done on each individual machine as licensing policy is unique to each machine.
Other Language Sources
Managing Server Access Key access with Entitlement Group
More detailed information can be found in Bentley Communities