Windows Security Model

When working with Windows Security your users and potential user groups have already been created as part of the domain. (Please refer to the appendix for further explanation on creating users and groups in the Active Directory).

Best Practice

We strongly recommend working with Windows Security, where possible.

Best practice would then be to create a number of Active Directory (AD) Groups e.g. “TARGIT Designer Users”, “TARGIT Consumer Users”, “TARGIT Norway Sales Office”, “TARGIT Sweden Sales Office” etc. These AD groups will then be added to TARGIT Management with appropriate Rights and Roles.

Example:

Active Directory Group

Purpose

TARGIT Designer Users

Members of this group should be given “Designer User” Rights. No limitations with regard to Roles (data).

TARGIT Consumer User

Members of this group should be given “Consumer User” Rights. No limitations with regard to Roles (data).

TARGIT Norway Sales Office

Members of this group should be limited to see Norway data only through a Role with a Forced Norway criterion. No limitations with regard to Rights.

TARGIT Sweden Sales Office

Members of this group should be limited to see Sweden data only through a Role with a Forced Sweden criterion. No limitations with regard to Rights.

From the example above, by adding an individual person to multiple AD groups, you can create e.g. a Designer user with access to Norway data only.

Once these AD groups have been created and added to their appropriate TARGIT Rights and Roles, they will require only a minimum of administration. Your job, as an Administrator, will then mainly focus on adding, moving or removing individual persons from the AD groups only.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.