Question

Impersonate a user

Laserfiche Forms Administration Security Version 11

Updated August 24, 2021

asked on August 24, 2021

Is it possible for a Forms System Admin to impersonate any user in forms to:

1. Logon as that user without their credentials for testing/troubleshooting purposes

2. We have alot of forms available and alot of staff turnover. It would be much easier to impersonate an ex-employee and reassign all the tasks to the replacement rather than hunt them all down one Business Process at a time.

The same type of impersonation would be helpful in the repository as well.

0 0

Replies

replied on August 24, 2021

Under the monitor tab you can filter tasks by username and reassign them that way. I don't believe you should ever be able to impersonate another user. This would deem a system untrustworthy for approvals if you could.

3 0

replied on August 24, 2021

Hi Elexis,

Thank you for pointing that out! I couldn't get the Assigned To column to sort but realized I needed to switch to Tasks. In a way, I disagree that impersonation deems the system as untrustworthy as it should be able to indicate in audit logs that it was impersonated. As a system admin I can get to anything I want anyway but just not easily. This would be super helpful for testing out forms and lookup rules etc...

1 0

replied on August 24, 2021 • Show version history

I'd have to agree with Elexis. Impersonation is very different from administrative access, and being able to impersonate a user's actions directly isn't really something that you find in many applications for security reasons.

The more common approach is to provide admins with things like the "effective access" tools you find in Windows or the Laserfiche repository where you can evaluate permissions and such from the perspective of a selected user, but not actually spoof their identity outright.

3 0

You are not allowed to follow up in this post.

Question

Question

Impersonate a user

Replies

Sign in to reply to this post.