Right management
In the array "right management" settings concerning privileges and permissions can be managed.
Display menu items without rights
If this option is activated, the menu items for which the user is not authorized will be shown in the single menus. That enables the user to require missing rights. At the attempt to open a menu item without rights, the accordant dialogue appears:
Users can request missing rights
If this setting is active users can ask for missing rights. See Manage permissions and rights.
Only a member of the administrator group can manage the Administrator group
Activate this option if only members of the administrator group are allowed to manage them. Through this users, which own access to the "user and group management", can only manage administrators if they are a member of the administrator group.
Enable user login outside of the domain (e.g.: USB stick modus)
If this option is activated the Windows login password of the Active Directory user will also be saved as an internal Password Safe password. So the user can log on the database with his/her Active Directory password also if he/she is not linked with the domain.
Administrator and Administrators group can be removed from the shares
It is possible to completely delete the administrator and the administrator group from the permissions. Hereby also completely private passwords/records are possible. Consequently the administrator has no longer access. Please also notice that without an administrator in a permission no logbook entries will be written for that record.
Inherit change to shares in subfolders and records
If this setting is deactivated the question of inheritance will no longer be displayed and changes of permissions will no longer be passed on to subordinated folders and records. The automatic inheritance to a new record is not concerned by this and is still carried out.
Users can choose between personal and public records
If this setting is active you will be asked for every new record if this record should be personal or public. With the choice "personal" only the current user will be lodged in the rights of the record. With the choice "public" the normal inheritance of rights from the superordinate folder takes effect. In both cases the rights can be adapted manually afterwards. A personal record can therefore however be made accessible to other users later on.
Template for root folder
Is required to define the folder rights in the root (highest level for folders). If no template is deposited here every user can start a folder in the root.
Record template
This template only applies if no inheritance of rights is carried out to the record. As an example we can name the bank because it is not allocated to any folder but exists overall. This is exactly when this template takes effect. If no template is deposited the administrator and the administrator group will be added in addition to the user that receives full access.
System messages
Here it is defined to who the system messages are sent. If no designation is made the administrator receives the messages. You can choose single users as well as groups.
The configuration in the database settings is only available if the user has the right "... can manage users and groups". Generally it is suggestive to possibly only give this right to the administrator.
You can find further information in the chapter right templates.