RapidIdentity Product Guide: New UI

Templates

The Folders Templates module allows administrators to outline the folder structure and permissions that RapidIdentity Folders will create and manage. Any folders with the assigned template will align to the hierarchical structure defined in the template. This provides a higher level of control for administrators to determine how their folder structures will be accessed and navigated by users.

Once you determine the structure of the folders, set up the access for each level to be instituted by the template. There are multiple permissions settings to be determined from this menu, as described below.

Table 352. Template Fields

Field

Description

Name

(Required) Enter a name that describes the purpose of this folder within the structure.

Description

Quota

Choose whether to Ignore, Clear, or Set quotas that define how much space can be consumed within each folder.

• Ignore: Disregard any previous space limitations set for that folder.

• Clear: Remove space limitations for the folders using that template.

• Set: Define the quota space allowed to be consumed in KB, MB, or GB. With this choice, there is another option: whether to set a Soft quota. Choosing this will not enforce a quota limit and will report that limits are met.

Attributes

For this template, determine whether to set the folder as Archive, System, or Hidden. These determine the Microsoft Active Directory attributes that will be assigned to any folder using this template.

Archive: Ensure the folder is backed up during the next incremental backup

System: Make the folder a System folder.

Note

It is generally not advisable to modify the properties of a System folder.

Hidden: Make the folder not visible by default in My Computer or Windows Explorer.

Owner

Choose who will be responsible for managing the folders with this Template assigned.

User/Group: The user or group responsible for creating the folder is owner

Other: Define a specific user or group to be owner under this template

Note

Selecting Other generates a user search window to assign the folder template owner.

ACL

Access Control Lists (ACL) set the permissions associated with objects, and consist of Access Control Entries (ACE) that define specific permissions. If folders should not inherint permissions from the parent folder, click the checkbox at the top of this menu. To add an ACE, click Add.

ACE

Adding an ACE will require defining a Trustee, a Type, determining what it will Apply To, Inheritance rules, and Permissions.

Trustee

There are two ways to determine the users who will be affected by this permissions entry: by User/Role or by Trustee Token.

1. Click the Magnifying Glass to search for a specific user or role to assign this entry to. Then determine whether to search for User or Role, and enter relevant text into the Search field.

Note

The fields will automatically suggest relevant Users or Roles as you type.

2. Click the Brackets to select a Trustee Token that will determine the predefined groups of users who will be affected by this permissions entry.

Type

For this permissions entry, choose to Allow or Deny the permissions to the set Trustee.

Apply To

Determine the objects that will be affected by this entry. There are multiple combinations of objects -- folders, subfolders, and files -- to consider when choosing this option.

Inheritance

Select this checkbox to limit folder inheritance to a single level, meaning that direct children of the folder will inherit these permissions, but the permissions will not be inherited further down the hierarchy.

Permission

Determine the permission levels to apply to this entry.

Note

Many of these permissions have dependencies on other permissions.

• Full Control: Users with this permission can read, write, modify, and execute files in the folder, change attributes, permissions, and take ownership of the folder or files within. Selecting this will automatically select all other possible choices.

• Modify: Users with this permission will be able to read, write, modify, and execute files in the folder. Selecting this will automatically select all choices below it.

• Read and Execute: Users with this permission can display the file's data, attributes, owner, and permissions, and can execute programs. Selecting this will automatically select Read and List.

• Read: Users with this permission can open a file or folder, view its attributes, owner, and permissions. Selecting this does not automatically select any other permissions.

• Write: Users with this permission can write data to a file, append to a file, and read or change its attributes. Selecting this does not automatically select any other permissions.

• List: Users with this permission can view and list files and subfolders and execute files, but this is inherited by folders only. Selecting this does not automatically select any other permissions.