0 votes

Is there a way to configure the module "Member of" in a "View user"-action as purely read only?

As it stands now we are able to navigate to a seperate viewing page that displays all of the information about the group (including all of its members) just by clicking the name of the group in the module "Member of".


Alternatively: Is there a way to turn off the viewing pages for groups completely in a web interface, while keeping the "View user"-action able to work as intented (able to fetch information about users, and the groups they are members of)?

We only want the home page with its defined actions to be accessible for users of this dashboard. And seeing as this dashboards also has other actions that needs write-access to AD, we can't specify purely read-rights via the security role either.

by (100 points)

1 Answer

0 votes
by (294k points)
selected by
Best answer

Hello,

Unfortunately, there is no possibility to make groups in the Member Of section non-clickable. At the same time, we are not sure what you mean by we can't specify purely read-rights via the security role either. A security role like below will allow users to see the groups, but not their property values. image.png If this solution does not meet your needs, you can make groups considered to be containers in the particular Web interface. image.png In this case whenever a user clicks a group, they will see something like the following: image.png

0

Hi, and thanks for your quick answer.

This doesn't exactly solve our problems with not being able to access different pages other then the Home Page, but the "Container"-trick is satisfactory in the sense that users of the dashboard won't be able to access information about the groups.

We will be moving forward with this approach, thanks!


On another note: With your suggested security role-config... Will we be able to see the name of the groups, including its description from AD via collums in "Member of"?

And can we expect to see an option for making "Member of" read-only in a future release of Adaxes?

+1

Hello,

Will we be able to see the name of the groups, including its description from AD via collums in "Member of"?

Users will see the group names in the Member Of section and after clicking a group. However, they will not see any properties and will be presented with the The object does not exist message.

As another option, you can configure the Web interface forms for groups to only contain the required properties. This way, no matter of the permissions, they will not see any other property values.

And can we expect to see an option for making "Member of" read-only in a future release of Adaxes?

There are currently no such plans, but we have forwarded the suggestion to the corresponding department for consideration.

Related questions

0 votes
0 answers

We're having an issue where removing groups from a user object gets executed in AD and also reflected if browsing through the Adaxes Admin Console to the user object, but ... cache, but that didn't make a difference. Does anybody experience this issue, too?

asked Dec 12, 2016 by rsc (40 points)
0 votes
1 answer

Is there a way to expand the fields in the Member Of view to be able to read all the text contained?

asked Aug 1, 2018 by rurbaniak (1.5k points)
0 votes
1 answer

I'd like to limit users from being able to login to the Web interface. In other words, if a user opens multiple browsers or tabs, can I prevent them from being able to login to each tab/browser and starting multiple sessions? Thanks!

asked Apr 10 by cewilson (190 points)
0 votes
1 answer

Is it possible to grant selected user option to add custom license plan (or just subset of its licenses) to given user(s) using web interface?

asked Feb 28, 2023 by KIT (960 points)
0 votes
1 answer

I would like to change department without a script just yet if possible on multiple accounts. If I cant do this then I will entertain custom script Thanks :)

asked Nov 23, 2021 by will17 (350 points)
3,588 questions
3,277 answers
8,303 comments
548,090 users