Setup Folder Permissions
Included is an explanation of the permission structure, and a few sample folder structures are provided. These will give you ideas towards setting up your organization's permissions.
Other Related Topics:
Explaining the Permission Structure
The permission structure is hierarchical, so that assigning access in a folder (e.g. Root), diffuses down to all Folders/Subfolders/Entries beneath it (see example in next section).
Simply assign user/role access to the highest level of folder tree, and the permission will automatically spreads downwards to the whole subtree underneath, providing access to all subfolders and all credentials within those folders.
Also, new subfolders or credentials in these folders will also be automatically accessible. This continues until the permission inheritance is manually Blocked.
Administration Role: Since the default Admin user is assigned the powerful Administration Role on the Root folder, it will have access to everything below it, until the permission inheritance is manually Blocked, see above link for more details.
For examples of using restricted administrative users, see: Limited Admin Access
User Role: By default users are given the User role. Providing access to this role is giving access to everyone.
Separation of Department Teams can be accomplished by your folder structure.
By adding branches under the Root folder you could have:
- Client 1
- Client 2
- Common Shared
- Guest WiFi
- Accounting Sub1
- Accounting Sub2
- Payroll (Blocked)
- Sensitive (Blocked)
- Private Folders
- User/Role A: with "User Access" on Root
- will inherit access to all the department folders including: IT, Accounting, HR and subfolders
- User/Role B: with access on IT
- will have access to Infrastructure
- User/Role C: with access to IT and HR
- will not have access to Accounting
- User/Role D: with access on Accounting Sub1
- will only have access to Accounting Sub1