Title: First Login 3.5

Using the Server



Log In



1. The server will restart itself and come up with the new journal. After you see, ìServer readyî in the console, click to navigate to the journal.

2. If everything was configured correctly, a Traction front page should appear. You should not be presented with a login form, and you should see your own Windows username in the My Account link, e.g. if you were logged into Windows as Administrator you should see:



Set the Login and Server Admin ACLs



When using Traction with Active Directory, a Traction profile is created for each Active Directory user when that user first accesses Traction. In order to access Traction, that user (or a group the user is in) must be granted login permission via the login ACL.

Note that if no ACLs are specified, all users have both Login and Administer Server permissions. When you first define an ACL that grants one of these permissions, that ACL becomes authoritative and only the specified users (or group) will have the designated permission.

Important! Warning: Be careful when defining ACLs and check your work before you press the apply button. It is possible to lock yourself out of your journal, which will require you to get an owner-enabled license and owner login password from Traction Software. Make sure at all times that at least one user has both Login and Administer Server permissions.

1. Go to Server Setup | People. This page looks like earlier Traction releases, with the addition of the button . Click this button.

2. The Server ACL Editor pops up.



This editor allows you to determine what users or groups are allowed to login to Traction, and what users or groups are allowed to administer Traction.

Note: Later versions of Traction add additional ACLs to this list, e.g. ìModify /pub folderî and ìModify System Foldersî. The illustrations in this section do not show these options.

3. First let's give your account both permissions. Note: once you do this, the journal will be locked down and nobody else will be allowed to log in until you enable them via ACL. To do this, click the button .

4. The New User dialog appears. This dialog lets you create an ACL for any known user (users whose Traction profile has already been created), or any Active Directory user (even if their Traction profile has not yet been created). You can also configure an ACL for Visitors.

For now, select the user your are logged in as, in this case Administrator, and press OK.



The dialog disappears and the user is listed in the ACL dialog:



Now, click both checkboxes underneath allow. When you click each of the checkboxes you will get the following warning:



You have assigned yourself both permissions, and your ACL editor should look like this:



However, the changes have not yet been applied. To apply the changes, press the Apply button. You are now the only person with any access to this Traction journal.

5. Click the button a few times, so that you add a few additional rows to the ACL table. You can press to do an active directory lookup of a partial user name; all matching users will be displayed. If you specify no user name, the lookup will list all available users.

Next, for each user, configure the permissions that you want them to have:



Clicking Visitor lets you determine whether unauthenticated users are allowed to access your server. If you check the deny checkbox next to login, visitors will not be allowed to access your server:



5. Note that the Effective Permissions button is grayed out. ACL values, when not specified, are inherited. Just like in Windows, you must click the Effective Permissions button to see what the final ACLs are. This button becomes available once you click Apply.

Click Apply:



6. Now select a user and click to see the final permissions for that user:



7. The Effective Permissions window lets you change to a different user, or to a group, by clicking the User or Group buttons.

8. You can similarly add ACLs for Groups, by clicking the Add Group button on the ACL editor. Currently you can edit ACLs for any Active Directory group, and for the group Everyone. Traction also includes a group editor that lets you define groups within Traction.



You can configure ACLs for Groups just as you can for users. Note that groups are displayed in blue and users are displayed in black:



You can now set up some ACLs for testing, using your various Active Directory groups. When you are done setting up Server Admin and Login ACLs, click Close.

Setting Project Permission ACLs



The exact same mechanism is used to configure project ACLs. The Project Setup | Permissions page currently just points to an ACL editor:



1. Click the Access Control List button to open the editor, and configure ACLs for users and groups. Note that in most cases, you can just create ACLs for a few groups. Also note that ACLs are recursively interpreted; if a group contains other groups, the ACL is applied to the combined membership of all the contained groups. For example, if the group Technical Team contains the group Engineers, ACLs applied to Technical Team will also apply to users who are only listed as members of the group Engineers.



2. Note that after you press apply, you can test the Effective Permissions for any user or group, even if they don't have an ACL defined here, e.g.



Showing Details for Users and Groups



All the ACL dialogs include a link. When you click this button with a user or group selected, the details for that user or group are displayed, e.g. here is the result of clicking Show Details for the Technical Team group:



All the user and group links are active and will display the details for the corresponding user or group.

Also, the Server link under Effective Permissions links to the Server Setup ACL editor, and the project names all link to the corresponding project's ACL editor.

Permission Details for a User



In Personal Setup | Permissions, you can see a matrix that lists the effective permissions for all projects that have an ACL that affects a given user. This is similar to the Show Details dialog for the user.



Now you can navigate through Traction, user accounts will be created automatically for users based on their NTLM logins, and their permissions will be set based on the ACLs you have defined.





Attachments:
image191.gif
image125.jpg
image193.gif
image126.jpg
image194.gif
image127.jpg
image128.jpg
image129.jpg
image130.jpg
image195.gif
image196.gif
image131.jpg
image132.jpg
image133.jpg
image197.gif
image134.jpg
image135.jpg
image136.jpg
image137.jpg
image138.jpg
image140.jpg
image198.gif
image141.jpg
image142.jpg
Article: Doc117 (permalink)
Date: March 22, 2008; 4:02:56 PM Eastern Daylight Time

Author Name: Documentation Importer
Author ID: importer