Initial Security Considerations for New Repositories
- ADMIN (Laserfiche user)
- EVERYONE (Windows account)
In a newly created Laserfiche repository, the ADMIN user account will not have a password. This effectively means that your new repository is not secure, because anyone attempting to log in to your repository will automatically log in as the ADMIN user. Please remember to specify a password on the ADMIN user after you create a new repository.
When you create a new repository, Laserfiche assigns certain default rights to the ADMIN user and the EVERYONE group.
- The ADMIN user is granted all rights and privileges for the new repository.
- The EVERYONE group is automatically granted the Bypass Browse and Bypass Filter Expressions privileges, the Browse and Read entry access right on the root folder of your new repository, and the ability to view and modify the contents of the DEFAULT volume and General template. All users that log in to a repository are automatically part of the EVERYONE group.
Laserfiche Server 10 also automatically creates two additional Laserfiche user accounts:
- FTSUSER$: A special user account associated with the Laserfiche Full-Text Indexing and Search Service. This account can only be used by the Laserfiche Full-Text Indexing and Search Service.
- WFUSER$: A special user account associated with Laserfiche Workflow. This account can only be used by Laserfiche Workflow.
- FORMS$: A special user account associated with Laserfiche Forms. This account can only be used by Laserfiche Forms.
Do not attempt to modify settings for these two user accounts or you will be likely to interfere with search and workflow functionality in your Laserfiche repository. These two special user accounts are only available to their respective services and do not consume any of your user licenses.
For more information on getting started with security, see Quick Start to Setting Up Laserfiche Security.