Cordaware bestinformed enables you to give specific domain users access to the web interface and assign them Roles with different rights and resources. For example, giving multiple specific users the option to send Infos to specific users and nothing else.
At least one registered domain is required to give domain users access to the web interface. |
The domain users will be defined via Logon Filters. These Filters are then assigned to Roles which contain specific rights and resources the users will have access to. All users (Logon Filters) and Roles need to be assigned to a specific Profile which the users log into. If a user then logs into the web interface via this Profile, he will have access to all assigned Roles and the their rights and resources.
You are able to create as many Profiles as you want but it is recommended to just use one Profile in your environment. This Profile can then be defined as a so-called Default Profile. This means that users are not required to enter a Profile while logging into the web interface and will be automatically logged into the defined default Profile.
Implementation
The following steps generally required to use this feature in your environment:
1.Defining domain users via Logon Filters
To define which user should have access to a Profile and also define which user should get which Role assigned to them, we need to distinguish them by creating Logon Filters. These Filters are used exclusively to define domain users and assign them to Roles and Profiles. More information on how to create them, please refer to chapter Filters >Logon Filters.
2.Creating Roles and assigning the Logon Filters
In order to give the users specific rights, we need to create Roles and assign them to the respective users/Filters. Roles define which rights and resources the users should get.
3.Creating a Profile and assigning users and Roles
Users require a Profile in order to be able to login. Profiles define which users should be able to log into it and which Roles the Profile includes. It's highly recommended to just use one Profile and assign all available Roles and users who should have access to the web interface to it.
Example
The following diagram shows the relationships and assignments of filters, roles, and profiles using a simple example:
Initial situation: The service desk department should be able to send information to a specific target group.
In addition, the service desk leaders, along with these rights, should also be able to create status information, filters and groups
To do this, you must first log the service desk and service desk leaders using filters (Logon).
The Filter Service Desk Manager is then assigned to the two roles Service Desk Manager and Service Desk, whereby the filter Service Desk (all employees) is assigned to the Service Desk role only.
Both roles have different rights. The leaders receive administrative (within the department) and editorial rights.
For example, if Ursula Koch (employee) logs on to the user interface, she automatically receives the Service Desk role with the corresponding rights.
When Robert Fuchs (manager) logs on, he receives both roles Service Desk and Service Desk Manager with the associated rights.
Both roles are assigned to a profile (default profile) under which all employees log on.
This is also set as a so-called default profile, which means that users do not have to specify a profile when logging in and can log in with their AD-ID and password.