Products Crypt-o Online help Crypt-o online help - User management
 |
User management |
|
Crypt-o allows to define user accounts and assign needed permissions to them. User and group accounts from a Windows domain can be used as well. In that case, user credentials will be checked using Windows domain authentication.
To manage user accounts, choose Tools > Administrative tools from the menu. Then click on the User management link in the Administrative tools panel.
NOTE: Only users with the System administrator permission can manage user accounts.
The User management window
To add a new user account choose Action > New user... from the menu.
To add a new group account choose Action > New group... from the menu.
To add a new account for a backup server choose Action > New backup server account... from the menu.
To edit a user or group account select it in the list and choose Action > Properties... from the menu.
To delete a user or group account select it in the list and choose Action > Delete from the menu.
User properties :: General page
General page
| • | Name - a name of the user account. |
| • |  Use Windows domain authentication - Windows domain authentication will be used to check the user account password. Enter a user account name of Windows NT/2000/2003/2008 domain in the UserName@Domain form. To select a user account from the list, press the ... button at the right of the Name input field. |
| • | Use key file authentication - if selected, the user will be authenticated using a key file. You will be prompted to to save a key file for this user, after this option will be turned on. You need to pass this key file to the user. Only Crypt-o user accounts can use key file authentication. You can create a new key file for a user by choosing Action > Create new key file... from the menu in the users list window. |
NOTE: By default, a user must store a key file on a removable device, in order to be able to log on using the key file. You can control this behavior in the Crypt-o system options.
WARNING: Store key files on removable devices, such as USB flash drives, for security reasons. Unplug the device with your key file, when you finished working with Crypt-o.
| • | Password - the user account password. |
| • | Retype password - verification of the password. |
| • | Request password change at the next user logon - if selected, the user will be prompted to enter a new password at the next logon. |
| • | Full name - optional full name of the user. |
| • | Description - optional description of the user. |
| • | Disable user account - the user account is disabled and the user logon will fail. |
User properties :: Permissions page
On that page you can assign permissions for a user account. Set a mark on the Allow column for a permission to enable this permissions for the user. Set a mark on the Deny column for a permission to disable this permissions for the user. Deny permission takes precedence over Allow permission.
Permissions page
The following system permissions are available:
Permission |
Description |
System administrator |
A user can do everything. |
System audit |
A user can view the System audit log. |
Create databases |
A user can create new databases. |
The following object permissions are available:
Permission |
Description |
Owner |
A user can do everything with an object. |
Web access |
This permission applies to databases only. A user can access a database via Web interface. |
Portable mode |
This permission applies to databases only. A user can create a portable/offline version of a database. |
Audit |
This permission applies to databases only. A user can view a database audit log. |
Manage images |
This permission applies to databases only. A user can add/modify/delete images, which are used as icons for folders and records. |
Insert data |
A user can create new records and new sub-folders. |
Modify data |
A user can edit records and edit folders. |
Delete data |
A user can delete records and delete folders. |
Manage attachments |
A user can add or remove file attachments. |
Extract attachments |
A user can execute or extract file attachments. |
View protected fields |
A user can view data in protected fields. If a user does not have this permission, he is not able to view data in protected fields. But if the user has the Form filling permission, he is allowed to fill out forms with data of the protected fields. |
Print and export |
|
Form filling |
A user can use the form filling feature. |
User properties :: Member of page
On that page you can specify group membership for a user account.
Member of page
Specialized user account for backup servers
When you set up a backup server, you need to create a specialized user account on the primary server. This user account is used by a backup server to connect to the primary server. It is needed to allow transfer of the primary server's private data (SSL certificates and keys, licenses) to perform proper initialization of a backup server. The initialization is made only once during setup of a backup server.
To add a new account for a backup server choose Action > New backup server account... from the menu.
Adding a user account for a backup server
| • | Name - a name of the user account. |
| • | Allow transfer of server private data - when this option is selected, backup servers will be able to obtain private data of the main server, such as SSL certificates and keys, registration data, etc. |
WARNING: This option is needed only for initialization of a backup server. Turn off this option immediately after initialization of a backup server.
NOTE: For security reasons, this option is turned off automatically after 15 minutes.
| • | Password - the user account password. |
| • | Retype password - verification of the password. |
| • | Full name - optional full name of the user. |
| • | Description - optional description of the user. |
| • | Disable user account - the user account is disabled and the user logon will fail. |