Managing Roles

Understanding Roles

A role is a named set of privileges. A role will have each individual privilege either granted or denied for that role so that that role becomes defined as the collective set of those privileges. For example, a role named Developers can be created and will have each of the privileges granted or denied. All users assigned to the Developer role will have the same set of privileges. Roles do not define access to content.

iManage Work Server implements a dynamic security model called Roles. Roles allow administrators to distribute access to document management functions selectively across an organization.

The following topics are available:

Creating Roles

NOTE:

This application is available to NRTAdmin users.

  1. Select Access > Roles application.

  2. Click the images/download/thumbnails/38733309/image.gif Add icon to open Add Role page.

    Figure: Add role
    images/download/attachments/38733309/Add_role.png

    Privilege

    Allowed Actions

    Content

    Import/Create

    Allows the user to import documents into the library, or to create a document.

    Checkout Documents

    Allows the user to edit documents.

    Checked out allows the user to edit the document, and check in returns the document to the library.

    Unlock Documents

    Allows the user to unlock a document checked out or are in use by the user.

    Locked is a state that a document can get into when while it is checked out, the network accessing the document, or the computer hosting the document became unexpectedly unavailable. That document is marked as checked out but is unavailable. Unlocking it restores the last version in iManage Work and the document becomes available again.

    Delete

    Allows the user to remove documents from the library to which the user has full access. With journaling enabled, iManage Work Server maintains the deleted copies of the document.

    Allow Full-Text Searches

    Allows the user to perform full-text searches. This is a search within the content of documents. If this privilege is not granted, users can only search the metadata of a document, such as custom1, custom2, and so on.

    Read Only

    Limits the user to read-only access to documents.

    Folder

    Create Public Folder

    Creates a public project folder. User can still create private folders and subfolders within security inherited from the parent folder.

    Create Public Searches

    Saves searches and mark them as public.

    Administrative

    Use iManage Work Import

    Allows the user to access the bulk Document Import tool. The NRTADMIN group has this permission by default.

    Use iManage Work Monitor

    Allows the user to access the iManage Monitor to track library transactions. The NRTADMIN group has this permission by default.

    Use iManage Work Administration

    Allows the user to access users in INTERNAL_ADMIN, INTERNAL_USERADMIN, EXTERNAL_ADMIN, and EXTERNAL_USERADMIN groups in iManage Work (web client) to manage users, groups, and roles. The NRTADMIN group has this permission by default.

    View Documents

    Allows an NRTADMIN user to view private documents. This privilege applies only if the user is an NRTADMIN.

    To allow an NRTADMIN user to view private documents, select Yes. To prevent an NRTADMIN user to view private documents, select No.

    Tier 2

    Grants tier 2-level privileges. Tier 2 privileges are intended for help desk and support team members and allows a high level of access that includes tier 1 privileges. See Tiered privileges.

    Tier 1

    Grants tier 1-level privileges. Tier 1 privileges are intended for help desk and support team members and allows an elevated level of access. See Tiered privileges.

    Custom Metadata Management

    Allows the user to add new values to the custom tables custom1-12 and custom29-30 while creating workSpaces.

    To enable users to add new custom metadata values while creating workSpaces, they should be assigned to the Custom Metadata Management role.

    Web Operations

    Search Using Web

    Allows the user to perform searches using iManage Work (web client). This setting is deprecated and should be left to its default of true.

    Create WorkSpaces

    Allows the user to creates new WorkSpaces.

    Create Public WorkSpaces

    Allows the user to create public WorkSpaces.

    Delete WorkSpaces

    Allows the user to delete WorkSpaces.

  3. Enter the information for the new role and check the privileges you want to provide to this role. Refer the following tables for more details.

    Table: Add Role Fields

    Field

    Description

    Role

    Name for the role.

    Description

    Additional information about this role.

    External Role

    Indicates if the role you want to create is for external users.

    Privileges

    The rights you would like to grant to the users who will be assigned this role.

  4. Click Save.

Assigning Roles to Users

  1. Select Access > Roles application.

  2. Click the role to which you want to assign the users and a new Roles page opens.

  3. Click images/download/thumbnails/38733309/image.gif to add users to this role.

  4. Select the users to whom you want to assign this role and click Save. All the privileges available for this role are now assigned to the users.

    NOTE:

    A user can be assigned to only one role. Therefore, the users who have already been assigned to another role do not appear in the list.

Deleting Roles

  1. Right-click the role you wish to delete.

  2. Click Delete, and click Yes on the warning that appears. The role is deleted and all the associated users are automatically assigned a default role. This is Default, or if the user is external, Default_External.

The following roles cannot be deleted: Default, and Default_External.

Tiers

Tiers are predefined sets of privileges. There are three tiers, each designed to provide specific assistance to users.

  • Tier 1: Basic product support or help desk features.

  • Tier 2: Advanced product support or help desk features.

  • NRTADMIN: NRTADMIN is considered an iManage Work system administrator and includes the most complete access to all features.

Individual privileges within a tier set cannot be modified. For example, the Trash Permanently delete cannot be added to the tier 1 set, nor could a user be granted only the Trash Permanently delete privilege. In the same way, NRTADMIN cannot have the Trash Permanently delete privilege removed from its set.

The following table lists the privilege set for each tier.

Table: Tier privileges

Feature

Tier 1

Tier 2

NRTADMIN

Trash

Restore

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Permanently delete

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

User

Create

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Lock/Unlock

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Reset Password

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Groups

Create

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Disable

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Copy

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Add members

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Roles

Create

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Add users

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Manage user privileges

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Documents

Search

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Check effective access

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

History

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Workspaces

Search

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Check effective access

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Metadata

Add/Edit

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Delete

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Disable

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Captions

Edit

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Classes / Subclasses

Add

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Delete

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

File Types

Add

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Edit

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Delete

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Applications

Add

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Edit

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Delete

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Templates

Add

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Edit

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Delete

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Copy

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Global

Edit

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Web Client

General

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Features

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Access

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Web Views

Edit

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Web Filters

Edit

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

Web Context Menus

Edit

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png

iOS

Edit

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Add server

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Download

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Office

Create category

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Delete category

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Download category

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Extensions

Upload New

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Edit

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Delete

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Enable/Disable

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

Reports

Download

images/download/thumbnails/38733309/error.png

images/download/thumbnails/38733309/check.png

images/download/thumbnails/38733309/check.png