3.2
Table Of Contents
- Title Page
- Contents
- Using This Guide
- Getting Started with the Interplay | Administrator
- Database Settings
- Creating an Interplay Database
- Interplay Databases, Folders, and Files
- Creating and Restoring Database Backups
- Types of Interplay Administrator Backups
- Recommendations for Backup Configuration
- Setting the Number of Database Backups to Keep
- Scheduling Automatic Database Backups
- Starting a Backup Manually
- Using an Archiving Tool for Backup
- Restoring an Earlier Version of a Database
- Performing a Partial Restore of an Interplay Production Database
- Creating a Metadata-Only Backup for Customer Support
- Performing a Consistency Check
- Viewing Database Information
- Locking and Unlocking Databases
- Managing Databases: Deactivating, Activating, and Migrating
- Moving a Database to Another Server (Non-Clustered Systems)
- Moving a Database and Users to Another Server (Non-Clustered Systems)
- Moving a Database to Another Server (Clustered Systems)
- Moving a Database and Users to Another Server (Clustered Systems)
- Moving a Database Under Low Disk Space Conditions
- Renaming a Database
- Running Database Maintenance Tools
- Identifying the Root Folder of the Interplay Server Database
- Server Settings
- User Management
- Understanding the Central Configuration Server
- Adding Users to a Central Configuration Server
- Setting User Authentication Providers and Importing Users
- Managing Users, User Groups, and User Rights
- Understanding Default User Groups, Users, and Roles
- Adding User Groups
- Adding Users Manually
- Viewing and Setting Attributes
- Understanding Standard Roles and Default Rights
- Viewing and Changing Roles
- Viewing and Setting Authentication Providers for Individual Users
- Deleting Users and User Groups
- Removing Users from User Groups
- Managing Database Roles
- Guidelines for User Management
- Site Settings
- Defining Property Layouts
- Setting the Resolutions Available for Display
- Creating Custom Properties
- Configuring Remote Workgroups
- Configuring Categories
- Setting Server Hostnames and the Workgroup Name
- Interplay Media Services View
- Interplay Transfer Status View
- Interplay Transfer Settings View
- Workgroup Transfer Presets View
- Specifying Remote Servers for Asset Tracking
- Specifying Archive Settings
- Setting the Ownership for New Database Folders
- Enabling Interplay Synced Projects
- Setting Options for Deletion
- Viewing and Setting the Metadata Override Status
- Production Engine Bus Connector
- Application Settings
- Application Database Settings View
- Setting Options in the Editing Settings Tab
- Setting Audio Mixing Defaults for Access, Assist, and MediaCentral | UX
- Sending a Source to Playback in Interplay Assist
- Setting the Shotlist Start Timecode for Interplay Access and Interplay Assist
- Setting an Automatic Timeout for Interplay Assist and Avid Instinct
- Configuring the Frame Locators Display
- Configuring the Restrictions Display
- Media Composer | Cloud Settings
- Setting Instinct/Assist User Options
- Pro Tools Plug-Ins Settings
- Application Database Settings View
- Interplay Services
- Troubleshooting
- Reuniting a Split Database
- Installed Components and Services
- Interplay Engine Configuration Files
- Valid and Invalid Characters in Interplay
- System Metadata Properties
- Server Error Codes
- Consistency Check Codes
- Index
Guidelines for User Management
143
Guidelines for User Management
This topic provides information and suggestions that can help you manage users and access. For
more information about managing user roles, with specific examples, see “Setting Up a Folder
Structure and a User Database” in Interplay Best Practices.
• The fundamental rule of user management is that explicit rights override inherited rights,
and database rights (set in the Database Management view) override CCS rights (set in the
User Management view and stored in the CCS). The exception to this rule is the user who is
a global Administrator set through the User Management view. This Administrator always
has Administrative rights on all folders, even if rights are set otherwise in the Manage
Database Roles view.
• By default, the root group Users is assigned the NoAccess role. That means that all user
subgroups (Everyone, Imported Users, Migrated Users and any other groups you add)
except for the Administrators and UNITY (under the Imported Users) have the role
NoAccess through inheritance. NoAccess means that a user cannot even log in to the server.
(The Administrators group is assigned the Administrator role and the UNITY group is
assigned the Read role.)
To override the NoAccess role, create another user group with a different role and copy the
user into that group.
c
Changing the role for the Users group or the Everyone group (from No Access to Read, for
example) makes it impossible to take away this role from individual users. Avid
recommends that you do not change the role of the Users group or the Everyone group.
• You can assign a user to more than one user group (see “Setting or Changing a General Role
Assignment” on page 137
) and each group can have a different role. As a result, the user
inherits different roles, which can be useful if a user contributes to different projects in
different ways.
• In the User Management view, you can set only group roles. You can set roles for individual
users in the Manage Database Roles view. See
“Managing Database Roles” on page 133.
How the Interplay Engine Determines Access
The following steps describe how the Interplay Engine server determines access to an object
(usually a folder). This process can help you understand how to assign roles and access:
1. The server checks on the object in question to see if explicit rights are set. If a user is
assigned a role on the object, the evaluation stops and the server grants the user only the role
allowed and the accompanying rights, if any.
2. If no explicit permissions were found on the object, the server checks the inherited rights on
the object in question.