Access Control Settings
Access Control Settings, which are part of the Role-Based Access Control (RBAC) system, are available for every access profile in the Permissions, Restrictions, Access Hours, and Authentication tabs of the access profile editor window. Find details about each of them below:
The options available in the Permissions tab allow admins to determine which users or groups can access specific resources through an access profile.
Inherit label access permissions
This option is selected by default and makes the current access profile available to all the users or groups who can access the Label related to an access profile. For more details, see Label.
Allow anonymous access
This option is selected by default and makes the access profile available without any type of authentication, that is, anyone accessing Thinfinity Workspace will be able to access the profile.
Group or user names
The Add button enables the selection of local domain users and groups authorized to use the access profile. It opens the Windows 'Select Users or Groups' dialog, allowing the selection of Active Directory users. This button is only available when the 'Allow anonymous access' option is deselected. (*)
The Remove button allows deleting a user or group from the list of users or groups allowed to access the profile.
Permission Groups
Offers access to the permissions groups editor. See the paragraphs below for details.
Reservation buffer
Allows the admin to set the buffer size in which concurrent reservations are allowed. Used in conjunction with the Reservation limit parameter.
Reservation limit
Allows setting the number of concurrent reservations for the resource (the number of simultaneous users).
(*) Thinfinity Workspace supports a user changing the password at their next logon within the web interface. Make sure to uncheck the Use standard browser authentication checkbox in the Authentication tab to enable this option.
If a user or user group needs access to multiple resources, you must create additional access profiles and assign the user or group to each one. Once authenticated, the user can select from the available access profiles to establish a connection. Clicking the Permission Groups button will display the following dialog window:
The following options are available:
Drop-down field
Lists the permissions groups (roles) defined in the system.
[+] button
Adds a new permissions group (role) to the list.
R button
Allows renaming the selected permissions group or role.
[-] button
Removes the selected permissions group or role.
Here is a description of each type of permission:
Access
Enables immediate access to the profile.
Requires approval
Indicates that the user request requires an approval.
Approve access
Can authorize / approve reservation request.
Self reserve
Can create reservations for oneself.
Others can reserve
Can be added by others for the use of a resource.
Reserve for others
Can create reservations for others.
Allow Recurrency
Can create recurring reservations.
For details on how to manage permissions and roles, see Resource Reservation and Role Definition - Permissions Groups.
Was this helpful?