In the main menu Server -> User permissions dialog, user credentials for different items (Jobs, Tasks, Triggers, Notifications, Client settings, Server settings, Time exceptions, User administration and Log) are handled.
VisualCron uses an internal system for authenticating and giving permissions to different objects within VisualCron. The internal system can be extended with users or groups from Active directory to provide a more seamless login.
A user is a set of username and password. A user can belong to one or more groups. The actual permissions is located in the group. By default, there is a "Administrators" group which can do everything. You can create your own groups to control in rights in detail for the users that belong to that group.
By default the internal system is used. To enable Active Directory support you need to enter Server settings->Users/Logon.
Manage Servers->Add connection
When creating the Server Connection you also need to check "Use Active Directory logon". This way you tell the Client to use AD user login method.
The main dialog of the User permissions window lists all users and AD groups that are allowed to connect to this server. Use the Manage user permissions toolbar Add, Edit, Clone or Delete to perform actions against the list. Clone makes a shallow copy, a new user with the same permissions as the original user/group.
A user can be active (green check icon) or inactive (red cross icon). When active, the user is granted to login with the predefined permissions.
The Add, Edit, Clone or Delete buttons are context sensitive to the tab you are in. If you want to add an AD group you need to select that tab and then click Add.
When you add, edit or clone a user you are presented with the Add/Edit user window.
Add Users->Credentials tab
Is AD user
You can select users from the active directory by clicking on the Search button next to the Name.
User permissions from AD Group
It is possible to inherit the permissions from the Groups tab of the AD group. This is enabled by default if user is created from a group. If unchecked, the Groups tab, from the Add user window will be used instead of the settings from the AD group.
This is the name that will be seen in the Manage users list, logs and "created by"/"modified by" in the Job list.
This is the username which is used at login.
This is the password which is used at login.
In a future version of VisualCron, the email field will be used for an administrator to send a reminder of the login credentials.
If the current user is active or not (login enabled).
Add AD group->Credentials tab
The AD group name. This can not be altered manually - you need to search and select the group.
If the current group is active or not (login enabled).
Let users inherit (not clone) permissions
Whenever an AD user logs on that belongs to an existing group the AD user is created in the AD user section. By default, there is a reference to the VisualCron group permissions from the AD group in the new AD user. But you can also uncheck this to be able to set specific group permissions after (so that it not references).
A user can belong to one or more groups. The groups contains the actual permissions. If a specific permission is requested and granted in any of users groups the user is granted to the specific permission.
Name of the group.
Default group for new users
If this group should be the default group when a new user is created.
Name of the group.
A permission can have the following attributes:
•"Read" - Allows the object to be viewed/showed in some way. This can be a window or a list
•"Add" - Allows the user to add and object to a list
•"Edit" - Allows the user to edit an object in a list or window
•"Delete" - Allows the user to delete an object from a list
•"Execute" - Allows the user to run/execute something
Not all permissions has, for obvious reasons, all attributes available. For example, permission "Log" can only be viewable or not and has, therefore, only the "Read" setting is available for change. When a setting cannot be changed for a permission it is grayed out/disabled.
For each permission, use the select boxes to update the valid attribute types. Your changes to a user will be saved when clicking OK.
Overriding group permissions
From version 6.1.2. permissions can be overridden on Job level so you can set specific permission for a group on a specific Job.