Assigning user rights in Password Depot Server
Posted by on 29 June 2016 18:42
Before you start assigning rights on files and passwords to users and groups, check your default server policies.
These values are extremely important and in many cases cannot be overridden by the individual settings, therefore change them with caution. Normally all the default rights should be undefined as on the picture above, so you can assign rights for every file individually.
Some examples of using the default server policies: if you want to prohibit any printing the passwords completely in the entire organization, then uncheck the flag 'Print passwords'; if all your users should be able to use Password Depot with browser add-ons without any restrictions, you can check the flags 'Auto-fill web forms using browser add-ons' and 'Accept new passwords from browser add-ons'.
After that you can grant rights on a file to a user or group.
On the tab 'Security' click the button 'Add' to add a user or group or select an existing user/group in the list. Then edit permissions using the columns 'Allow' and 'Deny'.
If the option 'Read file and passwords' is allowed, the user will be able to see the file in the list of files, receive the file and read all the passwords and folders in the file (unless you do not restrict access to the individual passwords and folders). If you check 'Read file and passwords', the option 'Access file' is also checked automatically.
If you allow 'Access file' and do not allow 'Read file and passwords', the user will able to see and receive the file from the server but all the passwords will be hidden from them except those which are allowed individually (see below).
Common permissions on the entire file can be edited here and all of them in the dialog 'Advanced.
Read passwords – user can read passwords and copy them to clipboard.
Use passwords – user can use passwords with the command 'Protected Sign In' in Internet Explorer.
Modify passwords – user can edit and change the password entries and some file objects, like templates, custom icons, etc.
Add passwords – user can create new password entries.
Delete passwords – user can delete existing password entries.
Use Auto-complete function – user can execute auto-complete of external windows and web forms.
Auto-fill Web forms using browser add-ons – user can fill web forms in browser automatically
Accept new passwords from browser add-ons – user can create new passwords from the add-ons.
Print passwords – user can printout the passwords in open form.
Export passwords – user can export passwords in XML or other formats in open form.
Save password file locally – user can make local copies of the file as well as backup copies.
Grant access rights – user may connect to the server using the control panel and assign rights on this file to other users.
On the second tab you can assign permissions on the individual folders and passwords to the user.