You are viewing limited content. For full access, please sign in.

Question

Question

Weblink and AD groups for Authorization

WebLink Laserfiche Version 9 Administration Security
Updated May 4, 2016
asked on May 3, 2016

Is there a way to add someone to an AD group for someone to get access to a folder without having to do anything in Laserfiche?

Currently...

We are have to create a Laserfiche group and link that to a group in AD at the bottom of member tab. Then we have a to create a user in Laserfiche and add their domain account in the general tab. Then we have to add the user to the Lasefiche group. Is there an easier way to do this?

0 0

Replies

replied on May 3, 2016 Show version history

There are three parts to granting a user access to a folder in Laserfiche, and none should require Laserfiche groups in addition to AD groups:

  1. License (e.g., public portal through weblink, named user license)
  2. Access to the repository
  3. Rights to view that folder

 

Depending on how exactly your system is licensed, 1. may vary, so if you want more details there, please let me know.

For 2 and 3, it should be possible to set these up once for the AD group, and have it work for all future users.

To grant all users within a Windows AD group access to repository, you can directly add that group using the "New Windows Account" option and choose to "Trust" that group for login.

To grant all users within a Windows AD group access to a folder (this is assuming desktop Client):

  1. From the Access Rights dialog for the folder,
    1. [desktop Client] select the "Domain accounts" option (see help files for details on these options) and click the ... button to open the directory search tool
    2. [using Web Access] De-select the options other that "Domain groups"
  2. Search for your AD group and click OK
  3. Set security as desired

 

When searching for groups in admin console or the desktop Client, you can use the "Object Types..." option to de-select Users and Built-in security principal to filter out results that are not groups.

0 0
replied on May 4, 2016

Thanks Brianna,

For my Web Access people. I need to add the domain group in the "Domain accounts" box a?

 

0 0
replied on May 4, 2016

Yes, that's where you can enter domain groups. Click the [...] button to bring up the searching. As a note, though, that looks like it's in the desktop Client, not Web Access.

You only need to set rights once in either Web Access or Client for it to be enforced in Web Access, the Client, and WebLink.

For reference, this is what that same dialog looks like viewed in Web Access 9.2:

 

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...