Security

Security descriptors can impact the permissions of your items. As files are crawled and added to Aiimi Insight Engine, so are their security descriptors.

These descriptors can control who has access to what items. You can create rules that mean a user's descriptors must match an item's to view it. These controls supersede all other permissions like read access and privileged access.

New Descriptor Group

Select New Security Descriptor Group
- This will open a New Security Descriptor Group modal
Name: Enter a name for the Security Group.
Description: Enter a short description for this group.
- This can help others understand what the group is used for.
Match Mode: From the dropdown choose how many descriptors a user must match to view an item.
- Single - For an item with any number of descriptors, a user must match at least one to access it.
- All - If an item has more than one descriptor, a user must match all of them to access it.

Descriptor Mapping

Use the descriptor name and group name override to map item descriptors to users and groups with different names.

Descriptor Name: Enter the descriptor from the item.
Group Name Override: Enter a User or Group you want to map the descriptor to if they are different.
- You can only assign one user or group to a descriptor.
Select Add Descriptor
- This will add the descriptor you just created to the group. It will also create another line so you can continue to add descriptor mappings.
Select Add once you are finished.

Managing Descriptor Groups

Edit

Find the Security Descriptor Group you want to change. You can use the search box to find a descriptor group.
Select the edit button on the group you want to change.
- This will open a Edit Security Descriptor Group modal.
You can then to amend every field and add or remove descriptor mappings.
Select Update to finalise your changes.

Delete

Find the Security Descriptor Group you want to remove. You can use the search box to find a descriptor group.
Select the Delete button on the group you want to remove.
- This will open a confirmation popup.
Confirm you are happy to remove the descriptor group.

PreviousUploads NextUser Settings

Last updated 1 month ago

New Descriptor Group

Select New Security Descriptor Group

This will open a New Security Descriptor Group modal

Name: Enter a name for the Security Group.

Description: Enter a short description for this group.

This can help others understand what the group is used for.

Match Mode: From the dropdown choose how many descriptors a user must match to view an item.

Single - For an item with any number of descriptors, a user must match at least one to access it.
All - If an item has more than one descriptor, a user must match all of them to access it.

Descriptor Mapping

Use the descriptor name and group name override to map item descriptors to users and groups with different names.

Descriptor Name: Enter the descriptor from the item.

Group Name Override: Enter a User or Group you want to map the descriptor to if they are different.

You can only assign one user or group to a descriptor.

Select Add Descriptor

This will add the descriptor you just created to the group. It will also create another line so you can continue to add descriptor mappings.

Select Add once you are finished.

Managing Descriptor Groups

Edit

Find the Security Descriptor Group you want to change. You can use the search box to find a descriptor group.

Select the edit button on the group you want to change.

This will open a Edit Security Descriptor Group modal.

You can then to amend every field and add or remove descriptor mappings.

Select Update to finalise your changes.

Delete

Find the Security Descriptor Group you want to remove. You can use the search box to find a descriptor group.

Select the Delete button on the group you want to remove.

This will open a confirmation popup.

Confirm you are happy to remove the descriptor group.