You are viewing limited content. For full access, please sign in.

Question

Question

assign users access rights windows authentication

Administration Security
Updated June 2, 2014
asked on June 2, 2014

 I have an active directory group of users who should only have access to one folder in a repository. In the repository access rights in the client, I have this group set to deny all access to subfolders and documents. In the folder that they need to access, I've added the group and given them the access rights they need.

 

When one of the users in the group logs into the repository using windows authentication, she has full access to all folders. I've looked up her effective rights in the client, it it's showing that she doesn't have any rights granted on any of folders except the folder I've actively granted her rights.  In addition to this, the user is able to access security settings at the folder level, despite not having any assigned privileges.  Any idea what is going on?

0 0

Answer

APPROVED ANSWER
replied on June 2, 2014

After the user logs into the repository using the Client, you can see what actual account she logged in as by looking in the lower right corner of the Client window.

 

Can you confirm if that is displaying her Windows account or is it displaying a specific LF user account? If it's an LF user account, then please confirm if the Windows account is improperly configured to be linked to that LF user. If the LF user is ADMIN and there aren't any linked domain accounts associated with ADMIN, then the other possibility is that there is no password set for the ADMIN user.

0 0

Replies

replied on June 2, 2014 Show version history

first thing that pops into my mind is that her userid is associated with a local user. This always overrides a domain user.

 

 

If you scroll to the right on your list of local users in admin console there should be a column that says "domain users". If anyone has been assigned to any of your local users you'll see stuff in that column.

0 0
replied on June 2, 2014

She's not listed as a domain user in the admin console, but it appears that her local instance of the client is running under an admin account.

 

Any idea how this could have happened? Her client was recently installed.

0 0
APPROVED ANSWER
replied on June 2, 2014

After the user logs into the repository using the Client, you can see what actual account she logged in as by looking in the lower right corner of the Client window.

 

Can you confirm if that is displaying her Windows account or is it displaying a specific LF user account? If it's an LF user account, then please confirm if the Windows account is improperly configured to be linked to that LF user. If the LF user is ADMIN and there aren't any linked domain accounts associated with ADMIN, then the other possibility is that there is no password set for the ADMIN user.

0 0
replied on June 2, 2014

Checked again, and the windows account was linked to the admin account via another group. Thanks for the help.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...