Nexeed
    • Introduction
    • User manual
      • Condition monitoring and its tabs
        • Live
        • Counters
        • Measurements
        • Events
        • Rules
        • View configuration
        • Details
      • Rules management
        • Rule types and standard functions
        • Rule details
      • Function configuration
      • Condition Monitoring widgets
      • Access Management
        • Application Roles
        • Fine-Grained Access Control and Configuration
        • How to Configure Organization Roles
    • Operations manual
      • Overview
      • System architecture and interfaces
        • System components
      • System requirements
        • General notes
        • cm/condition-monitoring-core
        • cm/rule-service-app
        • cm/rule-function-executor
        • cm/rule-result-aggregator
        • cm/rule-value-aggregator
        • cm/rule-value-provider
        • cm/stateful-function-executor
      • Migration from previous versions
        • Migration to 2.1+
        • Migration from CPM 1.5.4 to CM and RM 3.0.x (Nexeed IAS 2023.02.00.xx)
          • CPM to CM relational database migration
          • CPM to RM relational database migration
          • CM Influx database migration
          • Deletion of an old CPM installation
        • Resources mapping from MES to IAS Condition Monitoring
        • Migration to 4.0.0+ (Nexeed IAS 2024.01.00.xx)
        • Migration to 4.3.x (Nexeed IAS 2024.02.01.x)
        • Migration to 4.5.x (Nexeed IAS 2025.01.00.x)
        • Migration to 4.6.x (Nexeed IAS 2025.01.01.x)
        • Migration to 4.8.x (Nexeed IAS 2025.02.00.x)
        • Migration to 4.9.x (Nexeed IAS 2025.02.01.x)
        • Migration to 4.10.x (Nexeed IAS 2025.02.02.x)
        • Migration to 4.11.x (Nexeed IAS 2026.01.x)
      • Setup and configuration
        • Manual MACMA configuration after setting up a new tenant
        • RabbitMQ
        • Influx configuration
        • Kafka topics
        • Condition Monitoring - Helm Configuration
        • Advanced configuration parameters
          • cm/condition-monitoring-core
            • Common shared variables
            • Portal shared variables
            • MDM shared variables
            • RabbitMQ shared variables
            • OTEL shared variables
            • Graceful shutdown shared variables
          • cm/rule-service-app
            • Rules Management shared variables
            • KAFKA shared variables
          • cm/rule-function-executor
          • cm/rule-result-aggregator
          • cm/rule-value-aggregator
          • cm/rule-value-provider
          • cm/stateful-function-executor
      • Start and shutdown
      • Regular operations
      • Failure handling
        • Rule Management Light Helm installation failing when Kafka is disabled or Kafka is not configured at all
        • User manual injection into Rule Management
        • Infrastructure outages: health verification Endpoints
        • OPP/PPMP are not received in CM
        • Master data (Devices, Facilities, Measuring Points, DeviceTypes) is missing in CM
        • Condition Monitoring Domain is missing in Ticket Management
        • CM is not visible in the portal
        • How to verify if the broker is out of sync
      • Backup and Restore
      • Logging and monitoring
        • General logging characteristics
        • Required monitoring
        • General logging format
        • Request-based logging format
        • Security logging format
        • Lifecycle logging format
        • Module health Endpoints and K8s probes
      • Known limitations
    • API documentation
      • Condition Monitoring HTTP API
      • Rules Management HTTP API
    • Glossary
Condition Monitoring
  • Industrial Application System
  • Core Services
    • Block Management
    • Deviation Processor
    • ID Builder
    • Multitenant Access Control
    • Notification Service
    • Ticket Management
    • Web Portal
  • Shopfloor Management
    • Andon Live
    • Global Production Overview
    • KPI Reporting
    • Operational Routines
    • Shift Book
    • Shopfloor Management Administration
  • Product & Quality
    • Product Setup Management
    • Part Traceability
    • Process Quality
    • Setup Specs
  • Execution
    • Line Control
    • Material Management
    • Order Management
    • Packaging Control
    • Rework Control
  • Intralogistics
    • AGV Control Center
    • Stock Management
    • Transport Management
  • Machine & Equipment
    • Condition Monitoring
    • Device Portal
    • Maintenance Management
    • Tool Management
  • Enterprise & Shopfloor Integration
    • Archiving Bridge
    • Data Publisher
    • Engineering UI
    • ERP Connectivity
    • Gateway
    • Information Router
    • Master Data Management
    • Orchestrator

Nexeed Learning Portal
  • Condition Monitoring
  • Operations manual
  • Setup and configuration
  • Manual MACMA configuration after setting up a new tenant
preview 4.11.0 4.10.1 4.10.0

Manual MACMA configuration after setting up a new tenant

Each application integrated in Nexeed IAS brings some roles and permissions and needs some roles and permissions from other integrated applications.

The basic IAS deployment takes care of the role assignment to the applications in the default (BCI) tenant.

Since Nexeed IAS is a multi-tenant system, we have to take care of the role assignment to the applications in the newly created tenants. As this step is currently not automated, it must be done manually for the time being.

Service account roles provided by Condition Monitoring (CM)

CM provides roles that need to be set per tenant.

Machine data sender

Required

Yes
Domain

Condition Monitoring
Description

Enables actors, like the Information Router, to send measurement and machine messages via HTTP to CM.

Service account roles needed by Condition Monitoring (CM)

CM requires several roles that need to be set per tenant.

User Reader (user-reader)

Required

Yes
Domain

Multitenant Access Control
Description

Enables CM read user and tenant information.

Equipment Administrator (Admin)

Required

Yes
Domain

Master Data Management
Description

Enables CM to read, add and delete equipment master data.

Portal Registration (Portal_Registration)

Required

Yes
Domain

Web Portal
Description

Enables CM to register in the Portal.

Data Publisher Registration (DataPublisherModuleRegistration)

Required

Yes (if Data Publisher module is installed)
Domain

Data Publisher
Description

Enables CM to register data types in the Data Publisher.

Deviation Processor Detector (DeviationProcessorDetector)

Required

Yes (if Deviation Processor module is installed)
Domain

Deviation Processor
Description

Enables CM to send deviations to Deviation Processor.

Ticket Context Registrar (ticket-context-registrar)

Required

Yes (if Ticket Management module is installed)
Domain

Ticket Management
Description

Enables CM to register its domain specific attributes (ticket context) in Ticket Management.

CM Domain Context Registration in Ticket Management

Normally, domain context registration in Ticket Management is performed automatically for each tenant that includes both Condition Monitoring and Ticket Management modules during the startup of the Condition Monitoring module.

Additionally, when a new tenant and contract are created with Condition Monitoring and Ticket Management modules, or when a new contract is created with only Ticket Management for an existing tenant, the domain context registration is also handled automatically.

However, if the service account role Ticket Context Registrar is not assigned to the Condition Monitoring module after tenant creation within the retry period (default 3 hours), you must register the domain context in Ticket Management manually:

  • Assign the service account role Ticket Context Registrar to the Condition Monitoring module for the specific tenant to complete your tenant configuration.

  • Assign the Ticket Context Registrar role to your user.

  • Obtain a token with the Ticket Management scope.

  • Call the Ticket Management API for domain context registration to register manually.

MDM reload for the new tenant

Condition Monitoring (condition-monitoring-core)

Admin Rest API to control reloading of device master data from MDM for a specific tenant:

  • e.g. in case it is a new tenant configured after installation

  • e.g. you want to synchronize the device master data for this tenant

  • e.g. a manual change is done in MDM database

    1. Get Token for Condition Monitoring

    2. call POST {URL}/cm/core/v1/{ownerTenantId}/mdm/reload → needs Condition Monitoring Administrator Role

Rules Management (rule-service-app)

Admin Rest API to control reloading of device master data from MDM for a specific tenant:

  • e.g. in case it is a new tenant configured after installation

  • e.g. you want to synchronize the device master data for this tenant

  • e.g. a manual change is done in MDM database

    1. Get Token for Condition Monitoring

    2. call POST {URL}/cm/rm/rule-manager/v1/{ownerTenantId}/mdm/reload → needs Rules Management Administrator Role

Contents

© Robert Bosch Manufacturing Solutions GmbH 2023-2025, all rights reserved

Changelog Corporate information Legal notice Data protection notice Third party licenses