Presentation is loading. Please wait.

Presentation is loading. Please wait.

Aspen Security Management ADM01 Jeff Uva. Agenda Security preferences Self-serve password recovery User access Role-based security School associations.

Similar presentations


Presentation on theme: "Aspen Security Management ADM01 Jeff Uva. Agenda Security preferences Self-serve password recovery User access Role-based security School associations."— Presentation transcript:

1 Aspen Security Management ADM01 Jeff Uva

2 Agenda Security preferences Self-serve password recovery User access Role-based security School associations Example: Customizing a role Field-level security Example: Using security tags Logs

3 Agenda Security preferences Self-serve password recovery User access Role-based security School associations Example: Customizing a role Field-level security Example: Using security tags Logs

4 Security Preferences Session timeouts Logon attempts Location restrictions o Examples: 10.*, *.my-domain.edu Password rules o Examples: Min length, require numeric Can be overridden for individual users

5 Agenda Security preferences Self-serve password recovery User access Role-based security School associations Example: Customizing a role Field-level security Example: Using security tags Logs

6 Setup © 2009, All Rights Reserved X2 Hosted Districts x2dev.com SSL not necessary Self-Hosted Districts Create an address Put in name or IP address of your internal SMTP server

7 Self-Serve Password Recovery

8 End User Interaction Resetting a password

9 Agenda Security preferences Self-serve password recovery User access Role-based security School associations Example: Customizing a role Field-level security Example: Using security tags Logs

10 User Access Privileges Schools Elementary Music Teacher (Roles) Tech Director Front Office Secretary Schedule Guru Superintendent

11 Agenda Security preferences Self-serve password recovery User access Role-based security School associations Example: Customizing a role Field-level security Example: Using security tags Logs

12 Anatomy of a Role New Role Views Data Access Navigation Restriction

13 Role-Based Security InstructorFamilyNurseRegistrar Users Roles

14 Fixing a Missing Privilege Error 1.Examine the user’s roles. 2.Add the privilege to the appropriate role. 3.Contact X2 to fix this problem in a future release!

15 Fixing a Missing Privilege Error

16 Agenda Security preferences Self-serve password recovery User access Role-based security School associations Example: Customizing a role Field-level security Example: Using security tags Logs

17 School Associations Only apply to school-scoped views Apply to all accessible views “Implied schools” in the Staff view

18 Agenda Security preferences Self-serve password recovery User access Role-based security School associations Example: Customizing a role Field-level security Example: Using security tags Logs

19 Example: Creating a User Account Create a new user with the following attributes: o Your Name o Login ID: {firstinitial}.{lastname} o Password: x2 o Password expiration date: Today’s date

20 Example: Customizing a Role Copy the Conduct Manager role Name the Role: o Conduct Manager – (your initials) Increase access: o Add the District View o Add “Global school access” privilege o Remove “non-conduct” navigation Assign role to user from Exercise 1

21 Agenda Security preferences Self-serve password recovery User access Role-based security School associations Example: Customizing a role Field-level security Example: Using security tags Logs

22 Field-Level Security Privilege access applies to all fields within a table: o Tags can limit access to particular fields. o Tags cannot increase access beyond what privileges grant. Workflow: o Fields are grouped into tags. o Tags are assigned to roles with a modifier. Tag combinations define general table behavior.

23 Tag-Role Combinations Tags based on the Student table: o The Student table contains 245 fields. Tag T1 contains 2 student fields: o LASID and SASID Tag T2 contains 6 student fields: o LASID, SASID, YOG, Name, Address, Enrollment Status Tags applied to a role that has full privileges to the Student table

24 T1 – No Access Student (245 fields) T1 (2 fields) Full AccessRead-OnlyNo Access

25 T1 – Read-Only Student (245 fields) T1 (2 fields) Full AccessRead-OnlyNo Access

26 T1 – Full Access Student (245 fields) T1 (2 fields) Full AccessRead-OnlyNo Access

27 T1 – Read-Only, T2 – Full Access Student (245 fields) T1 (2 fields) Full AccessRead-OnlyNo Access T2 (6 fields)

28 T1 – Full Access, T2 – Read-Only What are the results? Full AccessRead-OnlyNo Access Student (245 fields) T1 (2 fields) T2 (6 fields) Student (245 fields) T1 (2 fields) T2 (6 fields)

29 Agenda Security preferences Self-serve password recovery User access Role-based security School associations Example: Customizing a role Field-level security Example: Using security tags Logs

30 Example: Using Security Tags Create a tag with the fields of LASID and SASID. Associate the tag with the Conduct Manager role as read-only. Log in with the user account created in Example 1. What are the results?

31 Agenda Security preferences Self-serve password recovery User access Role-based security School associations Example: Customizing a role Field-level security Example: Using security tags Logs

32 Privileges Advanced Query WHERE USR_OID IN ( SELECT URO_USR_OID FROM USER_ROLE INNER JOIN SECURITY_ROLE ON URO_SUR_OID = SUR_OID INNER JOIN SECURITY_ACCESS ON SUA_SUR_OID = SUR_OID INNER JOIN SECURITY_PRIVILEGE ON SUA_SUP_OID = SUP_OID WHERE SUP_PRIVILEGE_ID = '{prompt:supPrivName}’ ) Privilege Name Pattern: Create/Read/Update/Delete/Mass Update/Global [3-character object prefix].bean.[privilege in lower case, no spaces] e.g: std.bean.massupdate

33 Thank you.


Download ppt "Aspen Security Management ADM01 Jeff Uva. Agenda Security preferences Self-serve password recovery User access Role-based security School associations."

Similar presentations


Ads by Google