Overview
There are many security features within IFP which can restrict the actions a user can perform and the data they are allowed to view. These measures can be put in place to ensure your database is secure.
Organisational Unit (OU)
In IFP Enterprise Edition, this is a group of users all of whom share the same permissions/responsibilities. OUs are arranged in a hierarchy. Top level might be “Regional Administrators”, followed by “Power Users” then “Users” beneath that. Each OU has a set of permissions defined by a Group Policy. A typical hierarchy might look like this:
Role
There are 2 built-in Roles in IFP, Administrators and Normal Users. Administrators have access to all features and databases in IFP, whereas Normal Users are limited to the databases specified for their OU and features specified in their OU’s Group Policy.
Note: Be very careful when adding users to the Administrators Role. In IFP Enterprise Edition, this will override all security settings applied to the OU that a user belongs to. Administrators should only be the users that belong to the topmost OU e.g. Regional Administrators.
User
An individual user account in IFP. In IFP Enterprise Edition, Users belong to an OU. These OUs are subject to Group Policies. Users can also have a personal User Profile created for them, per-database.
Group Policy
In IFP Enterprise Edition, this is a set of rules that are used by all members of an OU. Each rule may be Enabled, Disabled or Not Set. Example rules are “Allow Create Databases” and “Allow Manage Users”.
User Profiles
Database user profiles allow higher OU users, e.g. Regional Administrators/Power Users, to grant or deny individual user access to IFP menu items, data files and item codes for OUs below them in the hierarchy. Note that separate user profiles are used for each individual database.
Each IFP database has a default user profile defined, upon which all new user profiles will be based. Higher OU users can quickly reset an individual user's profile to these default settings if required.
Note: All users who do not have a user profile defined will use the default user profile for the database.
For more information on setting up and maintaining the features mentioned here, please see the topics listed under our Configuration and Security section.
Comments
0 comments
Please sign in to leave a comment.