416.467.9100 | Dundas Data Visualization | Login
Welcome Guest
This is the support page for the legacy Dundas Dashboard application. For assistance with the current Dundas BI application please click here.
Dashboard v5.5

This site makes extensive use of JavaScript.

Please enable JavaScript in your web browser and reload the page before proceeding.

Managing Security Groups

Hide navigation
RSS
Modified on Wed, 02 Dec 2015 06:21 PM Categorized as Administration, Open APIs
Click to return to: Documentation | Installing and Administering Dundas Dashboard | Administration


Overview

Dundas Dashboard's Security Group feature lets you control access to data connectors, virtual tables, dimensions, KPIs, dashboards and other resources. By setting up a Security Group, you can grant or deny access to members of that group instead of having to configure the access rights for each user individually.

Security Groups can contain:

  • Dundas Dashboard users
  • Windows users
  • Windows groups
  • Other Security Groups

This gives you lots of flexibility for controlling access to different parts of the Dundas Dashboard application.

For more details on securing access to project items, see Project Item Properties.

The Everyone group

All users are automatically part of the Everyone Security Group. This group makes assigning access rights easier (for example, you can remove the Everyone group's access to a dashboard and give the Managers group access to it instead).

Adding a Security Group

To add a new Security Group:

  1. Click the Administration tab of the Sidebar.
  2. Hover over the Security Groups folder with your mouse and click the menu button to its right. The Security Groups menu is displayed.
    Image
  3. Choose Add Security Group from the menu. The Editing Security Group: New Security Group screen is displayed.
    Image

Provide the information required by the Editing Security Group screen as follows.

Step 1 - Enter general information for the group

The General tab of the Editing Security Group screen lets you set general information for the group:

  1. Enter a name for the Security Group in the Group name field.
  2. Enter a comment or description in the Comment field.
  3. Set the default view which is displayed when a user from this group logs in. You can set it to the Home screen or choose a specific dashboard to show instead. This setting will be propagated to all accounts and groups within this group recursively.
    Image
  4. Configure privileges for this group:
    • If the new security group should be allowed to perform administrative operations, check the corresponding Granted checkbox.
    • If the new group can create notifications, subscribe to notifications or subscribe other users to notifications, check the corresponding Granted checkboxes.
    • Grant or deny the group access to viewer/toolbar operations as desired. (See the Notes section for more details about granted versus denied privileges.)
  5. If the group should be disabled when it is created, check the “Group is disabled” checkbox. Disabled groups are ignored when determining access rights.
  6. Click Save in the Toolbar to save your new group.
    Image

The Security Groups folder item displays the updated number of groups in brackets.

Tip: Hover with your mouse over a security group item to see a tooltip that displays the group's name and its Enabled status.

Step 2 - Add accounts to the group

The Accounts in This Group tab lets you add or remove user accounts from the security group that is being created or edited.

The Accounts in This Group tab.

The Accounts in This Group tab.


To add a user account to the security group:

  1. Select the account in the All Accounts list on the left.
  2. Click the Add button. The account appears in the Accounts Included In Security Group list on the right.
  3. Click Save in the Toolbar to save your changes.

To remove a user account from the security group:

  1. Select the account (that you want to remove) from the Accounts Included In Security Group list on the right.
  2. Click Remove.
  3. Click Save in the Toolbar to save your changes.

Step 3 - Add other groups

The Groups in This Group tab lets you add or remove security groups from the security group that is being created or edited. This allows you to create a hierarchy of security groups to model your company's organization.

The Groups in Group tab.

The Groups in Group tab.


To add a group to the security group:

  1. Select the group in the All Security Groups list on the left.
  2. Click the Add button. The group appears in the Groups in Group list on the right.
  3. Click Save in the Toolbar to save your changes.

To remove a group from the security group:

  1. Select the group (that you want to remove) from the Groups in Group list on the right.
  2. Click Remove.
  3. Click Save in the Toolbar to save your changes.

Step 4 - Give the security group access to projects

Click the Project Access Rights tab in the Editing Security Group screen in order to give members of the group access to Dundas Dashboard projects. Note that this tab is accessible only after the new security group has been created (e.g., by clicking Save in the toolbar).

The tab lists each project in the system and lets you set the access level (None, Read, Write, or Full Control) per project.

The usage is identical to the Project Access Rights tab in the Editing Account screen.

Step 5 - Add custom attributes

A custom attribute is a name-value pair which you can associate with a security group. Custom attributes can be used at the data connector or virtual table stage to allow for data filtering based on the user who is logged in to Dundas Dashboard.

The usage is identical to the Custom Attributes tab in the Editing Account screen.

For more details, see Using Custom Attributes.

Editing a Security Group

To edit an existing Security Group:

  1. Expand the Security Groups folder in the Administration tab.
  2. Click the menu button on the Security Group you want to edit.
    The Security Group menu.
  3. From the menu, choose Edit. The Editing Security Group screen is displayed.
  4. Modify the general information for this group as desired.
  5. Add user accounts to the group.
  6. Add other security groups.
  7. Click Save from the Toolbar to save your changes.

Deleting a Security Group

To delete a Security Group:

  1. Expand the Security Groups folder in the Administration tab.
  2. Click the menu button on the Security Group you want to delete.
    The Security Group menu.
  3. From the menu, choose Delete.
  4. Click Yes when prompted to confirm the operation.

Deleting an Security Group removes it from:

  • Any Security Groups that include it.
  • Any security settings that reference it.

Viewing the full list of groups

In the Administration tab, if there are too many groups listed under the Security Groups folder, only a partial list of groups will be presented and you must click the last More... item in the folder to see the full list of groups. You can also access the full list directly at any time as follows:

  1. Select the Security Groups folder and do a right-click.
  2. From the menu select View Full List.
    View full list.
  3. The full list of groups is displayed in a grid with options to search for groups, edit a specific group, or delete a group.
    Viewing the full list of security groups.

Notes

Granted versus denied privileges

Privileges can be granted or denied at the user account level or the security group level. In general, a user account will inherit privileges from all of the security groups to which it belongs. However, denied privileges always take precedence, whether specified at the user account level or security group level. Below are some scenarios for illustration.

Scenario 1

  • User account Viewer1 belongs to security group GroupA.
  • GroupA is denied the privilege May use the viewer export command.
  • Viewer1 is granted the privilege May use the viewer export command.

The result will be that Viewer1 does not have access to the export command.

Scenario 2

  • User account Viewer1 belongs to security groups GroupA and GroupB.
  • GroupA is granted the privilege May use the viewer export command.
  • GroupB is denied the privilege May use the viewer export command.

The result will be that Viewer1 does not have access to the export command.

API references

Creating custom group provider add-ons:


Administering groups on the server:


Related topics


Click to return to: Documentation | Installing and Administering Dundas Dashboard | Administration

About Dundas | Contact Us Follow us on Twitter! | Privacy Statement | Report Site Issues

Copyright © 2009-2016 Dundas Data Visualization, Inc.