5.3 Restricting Groups of Users from Seeing One Another

If your Novell Vibe site has multiple sets of users who need to remain hidden from each other, you can use access controls to restrict users who belong to a specific group from seeing users who do not belong to the group. For example, you might want to do this if your Vibe site contains users from more than one company and you want users to see only the users who belong to the same company.

You accomplish this by setting zone-level access controls on individual users or groups of users, limiting them to seeing only those users with whom they share a common group.

When you restrict groups of users from seeing one another in your Vibe site, you see the following behaviors:

To restrict groups of users from seeing one another:

  1. Create a group for each set of users that you want to keep separate. For example, create groups called Company A, Company B, and Company C.

    For information about how to create a group, see Section 5.2, Creating Groups of Users.

  2. Populate each group with the appropriate users.

    For information about how to populate groups with users, see Section 5.2, Creating Groups of Users.

  3. Navigate to the Administration page and add the groups to the Can Only See Members of Groups I Am In role.

    If you want to allow certain members of a group to retain their ability to see users that belong to groups outside of their own, you can add these specific users to the Override “Can Only See Members of Groups I Am In” role.

    For more information about these roles as well as other roles, see Understanding Default Workspace and Folder Roles.

    For information about how to add users and groups to a specific role, see Section 2.3.2, Assigning a User to a Role.

IMPORTANT:Do not create a group that contains users who you want to hide from each other. For example, if your Vibe site has users from Company A and Company B, you should not create a single group that contains users from both Company A and Company B. Users who belong to a common group are able to see each other, regardless of any access controls that are set on other groups. If you must create a single group of users from multiple companies, first create a sub-group for each company so you can keep users’ names separate from each other.