Document Management Systems Logo
Help Home      Return to FileHold.Com

User Roles & Access Rights FAQ

FileHold ‘06 document management software provides many means of user authentication and authorization resources across the entire system. Authentication ensures that people are who they claim to be. Authorization uses this information to grant the appropriate level of access control to resources, including applications and the content within each of those applications.

Granular, roles-based security allows the system Administrator to quickly control the exact level of access a group of users will have to the FileHold Library. For example, the 'Sales' group of users may be restricted to have 'Read Only' access to documents in the library. Security access levels can be specified across the whole company or a single department. . We will examine Roles and Groups in the proceeding pages.

What are the different types of user accounts?
There are 2 types of user accounts: Locally Managed Users and Active Directory Synchronized Users. Both types of accounts can co-exist on the same FH Server.


What Is a Locally Managed User?
A locally managed user is an account that does not authenticate or synchronize against Active Directory systems. Instead FileHold Administrators can setup and manage these users without involving complex IT deployment scenarios.

Setting up and configuring FileHold managed users is easy, and perfectly suited for a non technical FileHold administrator
FileHold’s Locally Managed User system leverages two (2) Microsoft based components for application developers called AzMan (Authorization Manager) and ADAM. (Active Directory Application Mode). These components provide security and standardized management functionality without needing to authenticate or synchronize against Active Directory.

Administrators can quickly create user accounts which takes just a minute or two OR activate user self registration for an initial period of time where users can enter full name, user name, and other contact details. (OPTIONAL) Self registration places users into a temporary area where they are assigned to a group that has no permissions or rights to the file library. Then the administrator re-assigns them to a group that provides them with the access they need. If you are self registering a group of people that have identical permissions and content access requirements internally then this temporary security precaution can be skipped entirely.

How are users given access to system functionality?
Users are placed within FileHold Groups. FileHold Groups are created by System Administrators and given a specific name and permissions to system functionality by assigning the Group one of the 5 FileHold Roles. These groups are assigned “roles” that give them specific functionality. More on this topic can be found within the Groups and Roles section of the documentation site.

  1. Read Only,
  2. Publisher,
  3. Publisher+Delete,
  4. Library Administrator,
  5. System Administrator,


How are users given access to content in the system?
Groups and users can be given membership in the FileHold Cabinets, Folders and Schemas that provide control down to the document level. The degree of access users have to content is determined by their role. Use the following link to learn more about the different user roles that ship with FileHold.

What is a guaranteed user?
A guaranteed user has guaranteed access to the FileHold library irrespective of how many other users are logged onto the system. Normally, a user can only connect when a concurrent user license is available.

For example, a company with 40 total (named) users and 20 concurrent licenses means that all 40 people share the same pool of 20 concurrent connections. If 2 of the named users are given guaranteed access then they will each have a concurrent licence dedicated to them ensuring they will always have access to the Library. This means that the other 38 named users will now draw from a pool of 18 concurrent user licenses.

 


Related Links