Configuration of the Security System

enaio® 11.0 »

All rights settings stored in the various server engines are reinitialized after changes are made in the security system. Changes affecting other applications will only take effect after the system has been restarted. Users can update the security system in enaio® client using the key combination Ctrl+F5; in enaio® webclient, using F5.
For enaio® webclient, depending on changes, the 'dms' service and enaio® appconnector must be restarted.

The security system that controls access to archive objects is a group-oriented system. Access rights to archive objects are distributed to users on the basis of their membership in one or more groups.

Different access rights can be defined for each type of archive object and specified using clauses. Clauses enable users to be granted or denied access to archive object depending on the archive objects' indexing. The concept of clauses lets you create a structure that allows users to grant or deny access rights to archive objects only via the objects' indexing in enaio® client, without having to personally modify the administrative settings in the security system.

The layers concept is also integrated into the security system. It allows you to provide users with access to documents which previously had to be denied in general security systems. For example, personal data in documents can be blacked out on layers for specific user groups. All members of a user group can open these documents, print them, and export them with all blacked-out areas.

Layer administration is licensed in the 'ADI' module. If you use this module, a license key must be available on every workstation.

The security system allows you to control access to administrative programs for every single user. The access rights to the programs enaio® administrator, enaio® start, enaio® editor, and enaio® capture are assigned to individual users in form of system roles. Different users are assigned very different system roles. Certain functions in enaio® client also require specific system roles.

Additionally, you can create profiles and assign them to users. Assigning profiles makes it easier to manage the security system. It is also possible to make saved searches, SQL queries, and links to external applications available to all users with the same profile.

Logging Changes

You can activate additional logging of changes made to the security system in the 'Security System' and 'Remote User Administration' areas in enaio® enterprise-manager.

You can enable the corresponding option under Server Properties > General > Security.

You can then open the log in enaio® administrator by selecting Extras in the menu.

The log can be filtered by category, free text, and date. The log entries can be grouped by category, time, and user.

Users require the 'Administrator: Configure security system' system role in order to access the logs and delete entries.