Jump to content

davep

Members
  • Content Count

    9
  • Joined

  • Last visited

  1. I would throw one other thing out there that you've probably already considered, but I'll say it anyway. I've worked in a lot of data sensitive worlds where the rule was that you never really deleted anything. In those cases (as it might apply here), the various data points (folders/lists/items) never went away. Instead the "delete" functionality would set a flag, sometimes called "archive" or "hidden". This was nothing but an additional field per row. Normal users would never see an article that had that flag set, but with a certain privilege (like administrator), you could toggle showing or hiding those. That authority could then toggle the field off, restoring it if needed. In this case, it wouldn't have to replace the delete functionality, as you already have the ability to set that per group anyway. Like I said, you've probably already considered that option, but if not, please toss it around. It really is a good product.
  2. That's what I was afraid of. I understand the complication, believe me. This being said, I now have to try to figure out a way to work around it without compromising the security we are using the product to provide, which to me looks pretty complicated too. I do consider this to be the first major flaw in what has otherwise thus far proven a great, well designed system. Thanks for the clarification anyway.
  3. I've found some older requests and discussions about this here, but I'm hoping there is something new I'm just missing. I have a team that uses a sub-folder structure to store team-specific data. Users are requesting the ability to delete folders they have created, due to changes or errors. The challenge is that it appears to me that their is still no way to recover data from deleted lists and/or folders. I hope this is incorrect, and readily admit I may well have missed something easy. This is a major issue to me, as even well intentioned "cleanup" can create nightmares later if circumstances change or were different than the user understood at some level at the time. I have seen older discussions referring to use of backups, but over many years I've seen countless circumstances where an issue wasn't discovered until significantly later, and the game of trying to figure out which backup might have the lost data can take tremendous time, and even be fruitless, if backups are pared down during archival, and the needed data only lived between the remaining recovery points. Please, tell me I'm worried about nothing, and this is handled within the system. If not, please accept my request to add permanent archive of data (or at least administrator-only granular cleanup), rather then permanent deletion. thank you.
  4. Okay, then I don't feel as stupid, and am glad I asked. I would have done it wrong. I appreciate your not only answering quickly, but addressing the issue immediately, instead of "in the next release" as so many companies do.
  5. Following up, I did just find the following text in the user manual, so I am updating here in case somebody else has the same question. From the looks of it, modify does not allow create, so if I want a user to be able to make new password entries, they have to be given administrator permissions. That does leave concern with the way I had planned to accomplish the hierarchy, with permissions flowing down from the parent "clients" folder, to each subfolder ("client1", "client2", etc.). If I read it right, anybody that I want to give full password controls too, would also have the ability to pretty much globally change permissions or delete the entire clients folder in a shot, so should I instead restrict the top level and specifically add permissions to each sub-folder? Thanks! Password and Password List Permissions Permissions can be applied for individual User Accounts, or Security Groups (either a Local Security Group, or an Active Directory Security Group). The following types of permissions are possible: ยท Password Lists: o View: Can only view the passwords o Modify: View access, plus edit and delete passwords o Administrator: Modify access, plus administer permissions and make changes to the Password List
  6. Just getting set up, and have created my first folder, which will have sub-folders with downward propagation. It may seem silly, but I have searched for some time, and can't find any definition anywhere for what the permissions actually provide. View seems obvious enough, and modify may mean create/change/delete (or is it change only?), but what does "Administrator" provide? I'd really like to understand the detail, as I want to give users what they need, but not beyond what is needed. Are these defined somewhere, and I've just missed it? Thanks.
  7. Hi, during setup, I am asked to " Specify account with Read access to query AD Users and Security Groups ". I cannot find the purpose of this account, whether it is temporary or permanent, specific to the application or any more general account, or what specific permissions are required for the purpose if I should create a new AD account. I suppose I could just put in the administrator info, but I prefer to keep accounts and permissions as clean as possible. I apologize if this is clearly stated somewhere and I have missed it. Please point me to the answer, or help me understand what I should do with this. Thanks!
×