You can import individual groups of users from an LDAP Server, and assign a user type to
them. All groups must have a valid LDAP account before they can be imported. A user group is used to
calculate the effective permissions when the user type is selected as Inherit
access.
Before you begin
After you import an LDAP group, users from that group will automatically be created as a user
when they first log in, if the default user type is rsquo inherit "rsquo".
About this task
User role: Product Administrator
Procedure
- Go to the Administration view.
- (Windows™ only):
On the General Settings page, click Edit Enterprise Console
Settings and configure the LDAP server or domain and
the LDAP group query fields and click Done.
- On the Users and Groups page, click Import Groups.
- Select an Import Type from the list, select the user groups,
and click Import.
- Select the Default User and set the access permissions
to "Inherit Access", and click Apply.
Note:
- When a user logs in for the first time, they will automatically
be assigned the user permissions associated with the groups they belong
to.
- Nested groups are not supported. If a user belongs to more than
one LDAP group, they will inherit the permissions of the top level
of the group hierarchy they belong to.
- You cannot assign a license type to a group.
- Groups are supported only when the authentication mode is configured for LDAP. If it is Windows
authentication, then Groups are not supported.
Results
When a user logs in to the Enterprise Console, they will inherit
the permission that their group has. When you assign or change folder
access privileges for the group, that user will have access to it
if their group does. When a user creates a content scan job, the Enterprise
Console will check their scanning permissions of the group they belong
to.