|
|
|
|
|
BlueCielo Meridian Global Collaboration Framework 2012 Administrator's Guide | BlueCielo ECM Solutions |
When folders are replicated between collaborating vaults, the security role assignments are replicated as well. In environments where the vaults reside in separate domains, the role assignments in the source vault are invalid in the destination vault. For example, if the role Manager is assigned to the group MyDomain\MeridianManagers for a folder in the source vault and the folder is replicated to a vault that resides in a domain named YourDomain, the role assignment will be invalid, even if the group MeridianManagers exists in the destination domain.
To avoid having to adapt and maintain the role assignments of replicated folders to the correct domain, you can configure security role mapping. Security role mapping defines the name of a group in the local domain that corresponds to a group in a remote domain using a common global identifier.
For example, to configure security role mapping for the preceding scenario, you could map the two domain groups like this:
Source vault:
MyDomain\MeridianManagers = ManagerGroup
Destination vault:
YourDomain\MeridianManagers = ManagerGroup
When folders are replicated from MyDomain to YourDomain, the Meridian Enterprise import processor in YourDomain will identify the role assignments mapped to the global identifier ManagerGroup and apply the correct security group role assignment (YourDomain\MeridianManagers) to the folders.
To configure security role mapping:
Following are example security role mappings for the preceding example:
Security mapping for the MyDomain vault:
[UserGroups] MyDomain\MeridianManagers = ManagerGroup
Security mapping for the YourDomain vault:
[UserGroups] YourDomain\MeridianManagers = ManagerGroup
|
Copyright © 2000-2014 BlueCielo ECM Solutions |