Show/Hide Toolbars

Thereforeā„¢ Help

Reference > Solution Designer > Access

Users and Groups (Thereforeā„¢ Integrated Security)

Scroll

It is possible to create users and groups directly in Thereforeā„¢ that are totally independent of Windows Active Directory or LDAP/LDAPS. However, existing Active Directory or LDAP/LDAPS users and groups, that are associated with Thereforeā„¢ (e.g. used in a workflow), will also be listed. Mixed security must be enabled to use Thereforeā„¢ internal users (see the tutorial for more details on creating internal users and groups).

 

note

If mixed security is enabled, then the email address or domain/username must be used when assigning users in a workflow.  Where mixed security is not used, the username is sufficient to identify the user.

If mixed security is enabled, then for Active Directory or LDAP/LDAPS users the DOMAIN\username must be specified when using Thereforeā„¢ Web Access. For internal Thereforeā„¢ users the username without domain should be used.

Note that NT-group membership is cached by the Thereforeā„¢ Server. If you add a group, add or delete users in a group, or move users from one group to another, this information will not be updated immediately in Thereforeā„¢. You must either restart the Thereforeā„¢ Server service or open the Thereforeā„¢ Console and clear the Server Cache, choosing "NT user-group membership" as the Information Type.

 

Right-clicking on the Users and Groups object opens a context menu from which the Security can be accessed.

 

Security

View and edit role-based access for anything below this node.

Tutorials: Role-based access

SD_R_Design_UsersandGroups_001

Right-clicking on the Users object opens another context menu.

SD_R_Design_UsersandGroups_002

New User...

The User Properties dialog is opened and a new user can be created.

 

New SAML User...

The SAML User Properties dialog is opened and a new SAML user can be created for integration with identity federation services.

 

Show Disabled Users

By default the list does not show disabled users. By selecting this option disabled users will also be displayed.

 

Thereforeā„¢ users and groups are differentiated with the icon usericon. A right-click on a user will open a further context menu.

SD_R_Design_UsersandGroups_003

Reset Password...

The Set Password dialog is opened and the password can be changed.

 

Disable Users

By selecting this a user will be disabled. The user can be enable again in the same way or via the Properties.

 

Delete All Login Tokens

Deletes all login tokens for the user if he/she has selected automatic login. The user will need to re-enter their credentials at the next attempted login.

 

Properties

The User Properties dialog is opened.

 

Right-clicking on the Groups object opens another context menu.

SD_R_Design_UsersandGroups_004

New Group...

The Group Properties dialog is opened and a new group can be created.

 

New SAML Group...

The SAML Group Properties dialog is opened and a new SAML group can be created for integration with identity federation services.

 

Add Groups

Groups, for example from Active Directory can be added.

 

Right-clicking on a group opens a further context menu.

SD_R_Design_UsersandGroups_005

Delete...

Groups can be deleted. External groups, for example from Active Directory, will of course only be deleted from this list and will not be otherwise affected.

 

Properties

The Group Properties dialog is opened.