You are viewing limited content. For full access, please sign in.

Question

Question

Add/Remove User Request using LF Form + LF Workflow.

Workflow Forms Administration
Updated August 15, 2014
asked on August 7, 2014

Hello Everyone,

 

I am trying to brainstorm here to come up with more efficient way to solve a used case. Let me briefly explain the used case first:

 

This is for AP Automation where AP Team sends out an invoice to the approver and they will then make their decision and send it back to AP Team. Often there are requests from AP Team to IT to add new approvers to the AD Group and set up the access rights so that this new approver can only see his own folder. Its a hassle for IT Admins to manage this as it happens very frequently.

 

So I am trying to come up with a way where we can either make AP team Self sufficient so that they can handle adding and removing of users (without giving them access to the AD Groups). OR Come up with an automated way to handle this.

 

My thought:

I am thinking of creating a LF Form that will capture the Last Name and First Name of the New Approver, this new approver information will then be passed on to a WF where I can add user as a trustee and assign it and appropriate group with required access rights to his folder. My dilemma is how do I remove one of the existing license and replace it with this new license? Is there an automated way of handling that? or this has to be done in admin console manually?

 

Any suggestions or inputs are appreciated!

Thank you!

 

Best,

Himanshu

0 0

Replies

replied on August 11, 2014

It sounds like this might be just as much an issue of licensing as of security. Do these users have named user licenses? Licensing is a separate issue, and isn't easily automatable. 

 

If it's just a matter of security, the easiest way to handle it is probably to give the "Read entry security" and "Write entry security" access rights to the AP team for the folders they'll be governing. Then, they can grant and revoke security rights for approvers as needed without having to contact IT. Note that IT will still have administrative access to the AP folders. We call this "disciplined autonomy": giving departments and groups the ability to manage their own processes and documents while leaving ultimate control of the repository in the hands of administrators. 

 

If you're looking for a way to automate the process, consider using the "Assign Rights" activity in Workflow. This allows Workflow to grant and revoke entry access rights to folders or documents. You could have the AP team add the approvers to a list of users in a multivalue field attached to a parent folder and have Workflow add (or remove) rights as needed.

1 0
replied on August 7, 2014

Please try adding and removing using from the Windows AD group and have Laserfiche server sync from that Windows AD group.

0 0
replied on August 15, 2014

Hi Himanshu, 

 

If your question has been answered, please let us know by clicking the "This answered my question" button on the response.

 

If you still need assistance with this matter, just update this thread. Thanks!

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...