This document describes how to set up and use User Access Groups and Limited Access Groups.
KB Administrators can create User Access Groups to provide a further level of specificity in determining access to documents.
All group settings, including membership, can be modified at any time.
Click on Users Tab.
Click on User Access Groups link on the left navigation bar.
In the Add a user access group table, enter a User Group Name and User Group Description (optional), then click the Add button. This will add your new User Access Group to the list of previously defined groups.
Find your new User Access Group and click the Members button. This will take you to another screen where you can add intended users to the group(s) you have created.
Check the Member check box next to the people you would like added to the group and click Update. Mouse-over highlighting helps you check/uncheck accurately.
To Change a Group Name:
To Change a Group Name's Description:
To Add or Remove Members:
To Deactivate or Activate a Group:
Near the bottom of a document creation or editing page, you will see sections for WriteAccess and ReadAccess with links to Show all WriteAccess groups and Show all ReadAccess groups. Clicking these links will expand the section to reveal check boxes for any User Access Groups defined for your site. If no User Access Groups are defined then "No user groups defined" will be displayed.
Based on the content of the document, you may select to restrict read or write access for the document to one or more User Access Groups.
If the document needs no particular user restriction, don't check any of the User Access Group check boxes.
Once a document is restricted, it is only accessible to users on its User Access Group, even within the KB Admin Tools environment. If a user is listed in the specified User Access Group, the document will display normally. If not, a message indicates that the document is restricted to a pre-defined list of users, and offers the option of contacting the document owner to gain access.
While in the document editor, select the User Access group you just defined and permit/restrict permissions to modify the content of the document.
In the image below, the Owner group admins (circled) have permission to edit this document. Checking the box next to any WriteAccess groups will also be grant that User Access group permission to edit this document. The image below shows that the Network Technologists also have permission to edit this document.
Network Technologists User Access Group - members of this group are content experts who may edit and publish a Network specifications and procedural documents.
Note: Other User Groups populated from Group Authorization Rules may appear in the WriteAccess section. See KB User's Guide - Users Tab - Group Authorization for more information. Hover your mouse over a User Access Group to see a tooltip displaying all users associated with that group.
In the image below, the check box next to the "Network Technologist" User Access Group has been selected in the ReadAccess part of the document editor. Once a document is restricted to one or more ReadAccess groups, it is only accessible to users on those lists, even within the KB Admin Tools environment.
Use case: Network Technologists User Access Group - members of this group are the only ones who should have access to firewall access policies and modification planning of said policies.
Note: Other User Groups populated from Group Authorization Rules may appear in the ReadAccess section. See KB User's Guide - Users Tab - Group Authorization for more information. Hover your mouse over a User Access Group to see a tooltip displaying all users associated with that group.
You may designate a User Access group as an Admin Group in a specific topic. For more information about topics, please see KB User's Guide - Topics Tab - Adding, Editing, and Deleting Topics. In the image below, the Grad School User Access Group has been provisioned rights to publish documents associated with the Cruciferous topic, and that topic alone (e.g. Admin group permissions do not include subtopics).You may grant a User Access group publish rights without having to grant them full publish rights for all documents.
Use case: Grad School User Access Group - members of this group are trained student employees, but do not have publish rights. Topic Admin group gives them conditional publish rights only.
Click on Users Tab.
Click on Limited Access Groups link on the left navigation bar.
In the Add a limited access group table enter a name in the Group Name field and a description in the Group Description field (optional), then click the Add button. This will add your new Limited User Access Group to the list of previously defined groups.
Find your new Limited Access Group and click the Members button. This will take you to another screen where you can add intended users to the group(s) you have created.
Check the Member check box next to the people you would like added to the group. Mouse-over highlighting helps you check/uncheck accurately. When you have selected all the desired members, click Update.
Click on the Topic-based access button and select the topics and sub topics to which this Limited Access Group should have read-access on your internal site. Please know this supersedes all other access rights. Members of this group will only be able to view the documents associated with selected Topic(s) and nothing else, and they will not have read access to child Topic(s) unless specifically selected.
To Change a Limited Access Group Name:
To Change a Limited Access Group Description:
To Add or Remove Members:
To Modify Doc Access
To Activate/Deactivate a Group:
Limited User Access restriction should not be used for documents that are meant for public consumption. It works with documents published to internal KB sites only. The topics drop down menu, topics side module, and topics tree will show only those topics, and "Most Recently Updated Documents" and "Top Documents of the Week" modules will be updated to only display docs they are allowed to view. When an associated Limited Access Group is deleted, the restriction on the document will cease to exist.
Once you have defined a Limited Access group, that group will only see documents within the topics and subtopics in your Internal KB site that you have specified.
Use case: Members of the Limited Access Group are:
If you are not finding what you need, please email the KB Team for a consult.