Security

Home » Support Library » User Guides » User Guide - FOIA Product » Security

Security

The Administration/Security section allows you to specify which users can access which functions in the system. You can also manage users, user groups, and document and email settings.

LDAP Configuration
Organizational Hierarchy
Functional Access Control
Select Privileges
LDAP User Management
Office Information
Group Management
Modules
Document Management
Document Delivery Policy
Email Configuration
Microsoft Exchange Configuration
Document Upload Policy
Convert Incoming/Outgoing Email
Azure AD Oauth Configuration

Update LDAP Configuration

Use the LDAP Configuration section to edit and create LDAP Directories. Authorized users can view the LDAP group structure and create and manage Ad-Hoc groups.

In the Security section, select LDAP Configuration. The current directories are shown.

Add a New Directory

1. Select +Add New Directory.

The Add New Directory window opens.

2. Complete the required fields.

Note: Required fields are outlined in red.

3. Select Save. 

Start LDAP Partial Sync

1. Select the refresh refresh iconbutton to start the LDAP partial sync.

2. Select Differential Sync or a Full Sync.

Run Synchronization

3. Click Save.

View LDAP Group Configuration

1. Select the button button to the right of the directory name to view the LDAP Group Configuration.

The Configuration is shown.

2. Click Cancel to close the window.

Edit the Directory

1. To edit the Directory, select the edit button to the right of the directory name. The directory configuration opens.

2. Make configuration modifications as needed.

3. Enter your password when prompted, then click Save.

Delete the Directory

1. To delete a Directory, select the delete button to the right of the directory name.

2. Confirm the deletion of the record or click Cancel.

Delete the Directory

Organizational Hierarchy

Use the Organizational Hierarchy section to edit and create Ad-Hoc groups.

In the Security section, select Organization Hierarchy. The current organizational hierarchy is shown.

Note: The page shows 10 items by default. Use the items per page dropdown to display 5, 10, 20, or 50 pages.

Expand Organizations

1. To Expand on an Organization, select the expand/collapse arrow to the left of the Organization’s name.

2. Edit or delete organization members using the edit-delete icon buttons under the Actions.

Search for a Group

1. On the Organizational Hierarchy banner, select the LDAP group in which to search using the dropdown menu.

2. Type at least 3 characters in the search box and select the search button.

Add Ad-Hoc Group

1. Click the Add Ad-Hoc Group button.  The Add Ad-Hoc Group window opens.

2. Complete the required information.

Note: Required fields are outlined in red.

3. Click Add Group.

Add LDAP Group

1. Click the Add LDAP Group button.  The Add LDAP Group window opens.

2. Complete the required fields.

Note: Required fields are outlined in red.

3. Click Add Group.

Add Existing Members

1. To add an existing user to a group, select the Add Existing Members -icon button in the Actions column. The Add Members window opens.

2. Search for the existing user.

3. Select Add.

Add New Members

1. To add a new member (a user who is not in the system), select the Add New Members button in the Actions column. The Add Ldap Member window opens.

2. Complete the new user information.

Note: Required fields are outlined in red.

3. Select Add Ldap Member.

Add LDAP Sub Group

1. To add an LDAP Group, select the Group -icon button in the Actions column. The Add LDAP Group window opens.

2. Complete the required information.

Note: Required fields are outlined in red.

3. Click Add Group.

Delete a Group

1. To delete a LDAP Group, select the Delete - icon button in the Actions column. A confirmation window opens.

Delete a Group

2. Click Delete.

Functional Access Control

Use the Functional Access Control to associate application roles with user roles.

Tip: You can click the following link to download a spreadsheet of  Admin Privileges Description – Business

1. In the Security section, select Functional Access Control. The existing application role-user role mapping is displayed.

2. Select a role from the Choose Application Role list. Once selected, the current authorizations will show in the authorization lists.

Tip: Use the Search field at the bottom of each column to help locate the roles.

3. To change authorization, select an authorization from either of the Authorized/Non-Authorized lists and click the >> right arrow button or the << left arrow button. The authorization will move to the opposite list and the webpage will refresh.

Search on the Functional Access Control Page

Search the lists by entering at least two characters in the search field. Click the Search icon. A list of matches is shown.

Select Privileges, Edit or Create Role

Select Privileges allows you to assign privileges based on application role. You can also create a new role and associate privileges with it.

1. In the Security section, click Select Privileges. The existing applications roles are shown.

2. Select a role from the Choose Application Role list. The current authorizations will display.

3. To change authorization, move an authorization from either of the Authorized/Non-Authorized lists using the >> right or << left arrow button.

Edit a Role

1. To edit an existing role, select the role in the Choose Application Role list.

2. Click Edit Role.

The Create Role window opens.

3. Enter the updated role name.

4. Click Apply Changes.

Create a Role

1. To create a new role, click Create Role.

The Create Role window opens.

2. Enter the name of the new role, then click Create Role.

LDAP User Management

Use LDAP User Management to update LDAP user’s privileges.

1. In the Security section, select LDAP User Management. The existing applications roles are shown.

2. Select a user from the Choose User list. The current authorizations are shown.

3. To change the user’s authorization, select a group from either of the Authorized/Non-Authorized lists and click the >> right or  << left arrow button.

Clone a User

1. To clone an existing user, select the user in the Choose User list.

2. Click Clone User.

The Add Ldap Member window opens.

3. Enter the information for the new user, then click Add Ldap User.

Delete a User

1. To delete a user, select the user in the Choose User list. Click Delete User. 

A confirmation opens.

2. Select Delete User.

Search on the LDAP User Management Page

Search the lists by entering at least two characters in the search field. Click the Search icon. A list of matches is shown.

Office Information

Use the Office Management section to update office information.

The office information links to the lookups configuration for Component Agencies. See Applications/Lookups Configuration for more information.

Group Management

Use the Group Management section to manage group structures. You can add or remove groups for other groups.

1. In the Security section, select Group Management. The existing groups are shown.

2. Select a group from the list.  The subgroups are shown.

3. To move a subgroup into or out of another group, select the subgroup name from either of the lists and click the >> right or << left arrow button.

Search on the Group Management Page

Search the lists by entering at least two characters in the search field. Click the Search icon. A list of matches is shown.

Modules

Use the Modules section to manage the modules a role has access to.

1. In the Security section, select Modules. The existing applications groups are shown, along with lists of the role’s authorizations.

2. Select a role from the Choose Module list. The current authorizations are shown.

3. To change authorization, select an authorization from either of the Authorized/Non-Authorized lists and click the >> right or << left arrow button.

Search on the Modules Page

Search the lists by entering at least two characters in the search field. Click the Search icon. A list of matches is shown.

Document Management

Use the Document Management module to upload your Microsoft website certificate file.

1. Select Document Management. The Document Management window opens.

2. Click Choose File.

3. Browse to the website certicate file.

4. Click Save. 

Document Delivery Policy

Use the Document Delivery Policy section to manage the policies for your document delivery.

Set the username and password to allow outgoing and incoming emails to be tracked and associated with the correct Requests, etc.

Change the Delivery Methods

Select the types of delivery types you would like to permit.

Other Document Delivery Options

1. Choose additional options as needed:

  • Server Type
    • SMTP
    • Microsoft Exchange
    • Microsoft Azure Active Directory(OAuth2.0)
      • Note: If you are configuring this option, please see the below sections ‘Email Configuration’ and ‘Azure AD OAuth Configuration’ for additional configuration details.
  • Server Address
  • Port
  • Encryption Type

2. After making your selections, enter your username, password, and the address for the email that all email communication will be sent from.

3. Select Validate.

4. Once validated, select Save.

Email Configuration

Use the Email Configuration section to manage the policies for automatically creating Complaints, Cases, or Requests from an incoming email.

1. Select Email Configuration. The Email settings page opens.

2. Select Enable creating Request from incoming mail and enter the email address and password.

3. Click Save.

Note: For Microsoft Azure Active Directory(OAuth2.0) configuration, Enable Modern Authentication must be checked.

Microsoft Exchange Configuration

Use the Microsoft Exchange Configuration section to manage settings related to Microsoft Exchange as needed.

1. In the Security section, select Microsoft Exchange Configuration. The existing configurations are shown.

2. Select the server version, enter the client access server, access, and exchange default access.

3. Click Save.

Document Upload Policy

Use the Document Upload Policy section to specify converting uploaded document formats to PDF.

1. In the Security section, select Document Upload Policy . By Default all options will be unchecked.

2. Select the type of files to be converted to PDF.

3. Click Save.

Convert Incoming/Outgoing Emails to PDF

1. To specify email conversion to PDF, select Convert Incoming/Outgoing Emails to PDF.

2. Check which emails to convert.

3. Click Save.

Update Azure AD OAuth Configuration

To configure Azure AD OAuth, select Azure AD Oauth Configuration. Enter the  values and click Save.