Assigning users to groups

You set up permissions by adding groups and defining the permissions for each group. Users then acquire permissions by becoming a member of one or more groups.

Before you begin

For example, users gain database management permissions by accumulating them from all database management groups of which they are a member. The same principle applies to the other types of group. By default, new users have the lowest level of access defined in the database.

To assign a user to one or more groups:

Procedure

  1. Select Security > Security Manager.
  2. On the Users page, select the user and click Edit.
  3. Click the Permissions tab.
  4. Optional: To assign a user to the same groups as another user, click Copy Permissions and then select an active user with the required permissions. The checkboxes display the updated group membership.
  5. Change the user's group membership by turning on or off the checkbox for each required group:
    OptionDescription
    Database management Database management groups allow the user to add, modify, and delete records and folder objects or administer the database. You must assign the user to at least one database management group. To check which permissions are granted, click Show User Permissions.
    Note: A user who does not belong to any database management group has read-only access to the records in the database, and is unable to create any folder objects.
    System access control System Commands Access Control groups deny the user access to specific menu commands or audit their use of specific commands.
    Data access control The user is automatically made a member of all the Data Access Control groups defined in the database. This means that they automatically acquire the lowest level of permissions. Review these groups and, if required, turn off the checkboxes to grant the user additional permissions.
    Folder object control To allow the user to save folder objects in restricted categories, turn on the required Folder Object Control checkboxes.
    Note: At least one administrative user should have membership of all the groups of this type. This is required for a full view of the restrictions on folder objects and the ability to change each restriction individually.
  6. Click OK to save your changes.