HomeGeneralSecurity/PolicysetsHow do I hide the administration nodes for some users?

12.3. How do I hide the administration nodes for some users?

You can specify who can perform administrative tasks (and therefore who can see the administration nodes) by disabling the relevant administration policy.

So, if you only wanted administrators to see the 'Users' node you would:

Create a new policyset which applies to the 'Administrators' group. You can do this by right-clicking the 'Policy Admin' node and selecting new. Specify that the policyset applies to all repositories but the group 'Administrators.

Name the policyset 'Administrators' and 'Finish' the wizard. The 'Administrators' policyset should now appear with the 'Default' when selecting the 'Policy Admin' tree item.

Double-click the 'Administrators' policyset and go to the 'Policies' page to see what policies have been defined. Initially this will be empty.

Press the 'New' button and select the 'User Administration' policy.

Press OK to add this policy to the policyset. As you will see, initially the value for this is 'False'.

For the 'Administrators' policyset we want to set this to true (so that administrators) are able to add/edit/delete users. Double-click the 'User Administration' policy to open the 'Policy Setting' dialog and set the value to be Enabled.

After pressing OK you will see that the Value is now 'True'. Press 'OK' to save the changes to the 'Administrators' policyset.

So we have specified that 'Administrators' are able to add/edit/delete users. We now need to specify that everyone else is not able to add/edit/delete users. Double-click the 'Default Policyset' to open the policyset. If you go to the 'Polcies' page for the 'Default Policyset' you will see that many policies have been specified by default. One of these is 'User Administration' which has a value of True. Double-click the policy and disable it to set its value to False.

After you have pressed 'OK' to save the changes you should find that users belonging to the 'Administrators' group are able to see the 'Users' tree item. They are able to add/edit and delete the users as before. Users who do not belong to the 'Administrators' group do not see the 'Users' tree item. If they attempt to add/edit/delete users (using the command line or SDK) the command will fail.

This page was: Helpful | Not Helpful