Setup Guide Part 1
7signal Solutions, Inc., 526 S. Main Street, Akron, Ohio 44311, USA, 855-763-9526, info@7signal.com, www.7signal.com
7signal Sapphire Carat User Guide Release 5.0
8 USER MANAGEMENT
User management in 7signal Sapphire is based on user groups. A user's access rights in the
system derive from the user group that the user belongs to. A user may belong to one or more
user groups.
In addition to normal user management, the Sapphire system supports user group specific view
virtualization. The system can be configured so that different user groups have access to
different objects that have been created in the system. For instance, one user group may
have access to all objects and two subgroups of that group may only have access to a portion
of all objects. It is also not necessary for the subgroups to have access to any of the same
objects.
User management is also restricted in the same manner as object management. An
administrator user has access only to the users created in subgroups, in addition to any users
belonging to the same administrator group that he/she belongs to.
Users belonging to the Sapphire admin group have access to the entire system.
8.1 User Groups and object permissions
Almost every object created in the Sapphire system includes an access control list (ACL). An
object's ACL is mainly determined by the user group of the user that creates the object in
question.
Note that objects are also created through automatic testing. For example, access points,
wireless clients and alarms are created this way. Objects created as a result of automatic testing
inherit their ACL from the Eye that conducted the test.
The Sapphire system also includes the functionality to transfer access rights of objects from
one user group to another.
8.2 User Group hierarchy
The Sapphire system supports two types of user groups: normal user groups and referencing
user groups.
A normal user group can be created either as a new root group or as a subgroup to an already
existing user group. When new groups are created as subgroups under an existing user group,
the existing group inherits access rights to all objects that its subgroups have access rights to.
This inheritance rule applies to the whole user group hierarchy, meaning that the root user
group in a hierarchy gets access rights recursively from all subgroups. Access rights of
referencing user groups are not inherited in this way.
A referencing user group can be created for any group except the Solution Administrator
group. A referencing user group always has the same access rights as the user group it
references. The only difference is that a referencing user group cannot be granted the same
access level as the group it references. A common use for a referencing user group is to have it
reference, for example, an organization’s configuration group. This way the referencing group’s
users can view the configuration group’s objects, but cannot configure the system.
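The inheritance rules of sections 8.1 and 8.2 can be modelled in a few lines to audit which group ends up with access to which object. This is an added example, not 7signal code: the class, function, group and object names are hypothetical, and it assumes that a referencing group may sit under a parent group and that "access level" reduces to view versus configure.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass(eq=False, repr=False)
class Group:
    name: str
    parent: Optional["Group"] = None
    references: Optional["Group"] = None       # set only on a referencing group
    objects: set = field(default_factory=set)  # objects whose ACL names this group
    children: list = field(default_factory=list)

    def __post_init__(self):
        if self.parent is not None:
            self.parent.children.append(self)

def create_by_test(eye: str, owner: Group, found: str) -> None:
    """An object found by automatic testing inherits the ACL of the Eye (8.1)."""
    if eye not in owner.objects:
        raise ValueError(f"{eye} is not in the ACL scope of {owner.name}")
    owner.objects.add(found)

def visible(group: Group) -> set:
    """Objects the group has access rights to under the rules of 8.2."""
    if group.references is not None:
        # A referencing group has exactly the rights of the group it references.
        return visible(group.references)
    seen = set(group.objects)
    for child in group.children:
        # Rights of referencing groups are not inherited by the parent.
        if child.references is None:
            seen |= visible(child)
    return seen

def can_configure(group: Group, obj: str) -> bool:
    """Assumed level model: a referencing group is capped at view-only."""
    return group.references is None and obj in visible(group)

# Constructed hierarchy: one root, two disjoint subgroups, one referencing group.
org = Group("org-config")
site_a = Group("site-a", parent=org, objects={"eye-a"})
site_b = Group("site-b", parent=org, objects={"eye-b"})
viewers = Group("org-viewers", parent=site_a, references=org)
create_by_test("eye-a", site_a, "ap-lobby")  # access point discovered by eye-a
```

Running visible() over every group after a change to the hierarchy shows whether a new subgroup or referencing group has widened access beyond what was intended.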