Groups
Note: The Everyone group is a special group that contains all trustees in the repository. For more information, see Everyone Group.
Important: There is no way to block a user's inheritance of a group's permissions. This is especially important for access rights, since denied access rights take precedence over allowed access rights. Therefore, if you do not want a user to inherit all permissions assigned to a particular group, you should remove that user from that group.
Benefits of Domain and Directory Groups
There are several advantages to using Windows or LDAP accounts with Laserfiche instead of creating individual Laserfiche trustees: simplified user creation and management, better integration with named user licenses with Laserfiche Rio and Laserfiche Avante, and single sign-on for Windows Active Directory users.
The key to creating a manageable Laserfiche security setup is to use Windows domain groups or LDAP directory groups whenever possible. One advantage of doing so is that it reduces the number of accounts that need to be configured. Instead of having to configure security for each domain or directory user, you can configure security for the relevant groups. Limiting the number of accounts that need to be configured reduces the complexity of the security system and the amount of time spent configuring it. Another advantage is that it allows Laserfiche security to automatically adapt to changes in your organization. For example, Laserfiche security would not have to be modified when a new person is hired in your organization. Instead, his or her domain or directory group membership will determine the amount of access that the user will have to a Laserfiche repository.
Learn more about groups