Summary

Laserfiche allows you to set up authentication based on the Windows groups to which a user belongs. In other words, Laserfiche security can be configured to allow a Windows user that has not been associated with a Laserfiche user account to log on to a repository when he or she belongs to one or more trusted Windows groups.

More Information

A Laserfiche repository can be configured to allow Windows users that are not associated with a Laserfiche user account to log on through trusted Windows accounts. Trusted Windows accounts can be configured from the Windows Accounts node in the Laserfiche Administration Console. When adding trusted Windows groups, keep in mind that they will automatically be assigned to the Laserfiche group called "EVERYONE." In other words, by default, these Windows groups will be limited to the privileges, feature rights, entry access rights, volume access rights, and field access rights granted to the EVERYONE group. This type of security, which is also known as authorization, can be supplemented by associating the desired Windows groups or users to Laserfiche groups from the Groups node in the Laserfiche Administration Console.

Note: Associating a Windows group to a Laserfiche group from the Group Properties dialog box only determines the privileges, feature rights, entry access rights, volume access rights, and field access rights that will be assigned to the group. It does not affect whether Windows users associated with that group will be allowed to authenticate to a Laserfiche repository.

Note: After adding trusted Windows groups, Windows users that belong to those groups will be able to log on to a Laserfiche repository without specifying a user name and password.

Note: If a Windows user belongs to both trusted and denied Windows groups and the user has not been granted trusted status, then that user will not be allowed to log on to the Laserfiche repository.

Note: You can add both Windows user accounts and Windows group accounts to the Windows Accounts node. The status assigned to a Windows user account will take precedence over any Windows group account.

To set up Windows authentication using Windows groups

1. Click Start, point to All Programs, Laserfiche, and click Laserfiche Administration Console.
2. Expand the appropriate Laserfiche Server and log on to the appropriate repository as a user with the Manage Trustees privilege.
3. Expand the Users and Groups node.
4. Select Windows Accounts.
5. From the Action menu, click Add Windows Account.
6. Specify a Windows group account.
7. Under Authentication, select the Trusted option.
8. Click OK to finish adding the trusted Windows group account.