Add-DomainUserToLocalNodeAuthorizationGroup

Synopsis

Adds a user to a node's authorization group.

Syntax

Add-DomainUserToLocalNodeAuthorizationGroup [-DomainUserName] <String[]> [-Admin <SwitchParameter>] [-ReadOnly <SwitchParameter>] [-Client <SwitchParameter>] [-Machine <SwitchParameter>]

Detailed Description

The Add-DomainUserToLocalNodeAuthorizationGroup function adds a Windows domain user or group to one or more Distributed Computing Cluster authorization groups. Adding a user to an authorization group allows that user to access the functionality available to the group.

Authorization in Laserfiche Distributed Computing Cluster

Laserfiche Distributed Computing Cluster supports authorization to restrict the operations that can be done by different users.

A Scheduler has four authorization groups (or roles) that Windows users can be assigned to.

Admin: Users in the Admin authorization group can view administrative information and make changes to the cluster.
ReadOnly: Users in the ReadOnly authorization group can view administrative information on a cluster, but cannot make changes.
Client: Users in the Client authorization group can run jobs on a cluster.
Machine: Users in the Machine authorization group can start operations that are meant to be started by other nodes in the cluster. A node's Machine authorization group should contain all the service users that the other nodes in the cluster run as.

Workers only use the Machine role.

Note that authorization is only enforced if the node's AuthenticationMode is set to Windows.

Parameters

-DomainUserName <String[]>
The domain username of the user or group that will be added to the authorization group. E.g., "LASERFICHE\John.Doe"
Required? true
Position? 1
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-Admin <SwitchParameter>
Specifies that the user or group should be added to the Admin authorization group.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-ReadOnly <SwitchParameter>
Specifies that the user or group should be added to the ReadOnly authorization group.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Client <SwitchParameter>
Specifies that the user or group should be added to the Client authorization group.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Machine <SwitchParameter>
Specifies that the user or group should be added to the Machine authorization group.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false

Inputs

System.String

You can pipe user names of domain users as strings to Add-DomainUserToLocalNodeAuthorizationGroup.

Outputs

None

This function does not return any output.

Examples

Example 1

PS C:\> Add-DomainUserToLocalNodeAuthorizationGroup -DomainUserName "LASERFICHE\John.Doe" -Admin

Adds the user, John.Doe, of the Laserfiche domain to the Admin group.