Hi everyone
I have been asked to make a report on user permissions and access.
The tools provided by Laserfiche in the admin console are doing a good job for a global view but I have been asked to go further then that and I wanted to know if you know of some tools or ways to answer some of the possibilities that where requested :
1- We have some groups which are members of other groups, for example:
Group 1 - Entry level
Group 1 - Advanced user
Group 1 - Management
Group 1 - Everyone
All of the first three groups are members of the Group 1 - Everyone group.
When checking for a specific user, Laserfiche will list the correct group which the employee belongs to (for example: Groupe 1 - Advanced user) but not the associated groups which in this case is the Group 1 - Everyone.
As our repository has a lot of cross-grouping, this means that a lot of the actual group associations are lost in the reporting. We would need a way to have a full report of direct permissions but also associated permissions from those groups.
I know I could go to each user and specifically add them the Group 1 - Everyone access but our repository has a few dozen group dependencies and we have many hundred users so yes it's possible but really time consuming. As some people have more than one access, we would also need to do it on a case by case scenario to make sure nothing is unaccounted for.
2- Is there a way to get a complete access report to all the folders that a specific user has (even better if the report gives the access rights to each folder) ? If we can run the report for all users great but if it's a ''one user at a time'' type of tool, it would still be helpful. We also absolutly need that tool to report inherited rights and not just native ones.
Some associations in our repository are not necessarily self explanatory so they give access to more than what can directly be derived from the group name and as such, I have been asked for a way that a department could understand what exactly the users have access to when we give permission to one particular group.
If you know of any other tools that can adress either directly what we need or could provide a place to start or go further than the reporting tools of the admin console, I am glad to hear about it.