VSys One: Volunteer Management Software

Previous Topic

Next Topic

Book Contents

Book Index

Security Roles with Domain Authentication

In addition to authenticating users against Active Directory, VSys can also assume security roles for users based on the Active Directory groups those users are members of. By associating Active Directory groups with VSys security roles, users derive rights not only from their explicitly assigned rights and roles but also implied roles. When a user logs into VSys Security, and that user is not a non-domain login, VSys:

These temporary roles are added "after" any explicit security roles given to the user, and these temporary roles are not given to the user in any specific order. (A VSys Security role may subtract from a user's rights, so be careful that you don't make assumptions about the order of domain-implied roles.)

In the example below, making an Active Directory user a member of the group "VSys One administrators.vsysone.com" would give that user the VSys Security role "Administrator" at login.

Note that inherited/implied Active Directory groups are not permitted: to meet the criteria here, the user must be explicitly and directly in all of these groups.

See Also

User Security Rights - Advanced Mode

User Security Concepts - Advanced Mode

Default User Rights

User Security Rights Inheritance - Advanced Mode

Security Roles

Tools

People

Special Rights

Jobs

Notifications

Certifications

Application Forms

Application Form Approval Statuses

Projects

Custom Fields

Delegations