Permissions determine which features in the InsightCM web application a user can access after logging in. Several factors determine which permissions a user receives:
|Permission||The ability to see and/or configure a specific page or tab in the web application. You assign permissions to roles.|
|Role||An administrator-defined persona with assigned permissions.
Refer to the Creating Roles and Assigning Permissions topic to learn how to define new roles and how to configure new or existing roles.
|Active Directory group|| A group in the Windows Active Directory service running on the server machine that contains user accounts. Groups map to
The web application does not require you to authenticate users with Active Directory. An alternative is allowing users to log into the NI InsightCM web application with the names of built-in roles, which do not require a password. Refer to the Authenticating Users via Windows Active Directory topic to learn how to authenticate users with the Windows Active Directory.
|User account||An account on the Windows domain whose credentials a user enters to log in to the web application. Accounts belong to Active Directory groups and therefore, they receive the permissions from any role to which their Active Directory group is mapped.|
The following diagram shows the relationship between all four items. Notice that the user accounts receive permissions via a group. In other words, you cannot apply a set of permissions to just one account because you must apply a set of permissions to a group.