Date: Thu, 28 Mar 2024 01:36:46 -0700 (PDT) Message-ID: <1459721739.195.1711615006443@docs-lju.6connect.com> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_194_1236675060.1711615006234" ------=_Part_194_1236675060.1711615006234 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
Users
Users & Permissions is accessed from the Admin screen under the
The Permissions structure is designed to give you as much flexibility as= you need to accommodate most use cases. When mapping out the permissions s= tructure for your organization, keep in mind who you want to access to appl= ication:
<= /p>
In this diagram, we have created groups for each of those scenarios =E2= =80=93 we have internal groups, Partner Groups, and Customer groups. Each o= f these groups has access to different resources, permission levels, and us= ers assigned to them.
The components of the Permissions System include:
Users: A User is a = single login account that accesses ProVision. Users are assigned to Groups.=
Groups: A Group is a set= of permission conditions that apply to selected Users. Allowed modules, re= sources and access levels (C/R/U/D permissions) are set inside the Group.&n= bsp;
Resources & Access: = Inside a Group, Resource access may be set to Global TLR (applies to all Re= sources), or to the specific Resource level (applies to only the selected R= esources). For each Resource selected, access permissions can be set with C= /R/U/D permissions under each module area (IPAM, DNS, Resource, Peering).&n= bsp;
As a whole, this makes up the ProVision permissions system. The Pe= rmissions system allows you to fine-tune access to resource data to be as d= etailed as you need.
When you see a reference to a "TLR" - that is a "Top Level Resource". Th= is Is the primary Resource under which all other resources fall under.
By default, all ProVision instances include a "Global Admins" group with= full "TLR" permissions, and a "Global Read Only" group with only read perm= issions on "TLR".
Users with "Admin" access can assign/modify permissions for other users.=
See Global Permissions f= or more details on configuring these elements.
An administrator can also set respective module and C/R/U/D permissions = for a given Resource (single or multiple). These permissions fall under Gro= ups.
A Group is configured for the selected Resource permissions, and User ac= counts are associated with the Group.
See Working With Users t= o learn how Resource Permissions are assigned.
See Resource Permissions= a> for more details on configuring these elements.
In DNS and DHCP, a shortcut permissions button ("Perms") is available on= a per-item level, accessible only to Admin users.
This permissions button allows for direct, point-of-use permissions adju= stments to DNS Groups, Servers, Zones, Records, and DHCP Servers.
It uses the same CRUD permissions and groups available in the Admin User= s tab, but removes the need to remember and search for the DNS item name.&n= bsp;
To open the Change Resource Permissions module, click on the "Perms" But= ton for any DNS item.
Edit the CRUD permissions for any user group by clicking the checkbox fo= r the desired group and permission type.
When done, click "Save Changes". The permission changes will be also be = reflected in the Admin User tab Group settings.