Portability Suite’s user authorization and authentication mechanism is based on user roles, and controls application access and operations that users can perform. The mechanism is based on Integrated Windows* Authentication (IWA) and its interaction with Internet Information Services (IIS).
Portability Suite’s user auditing functionality is provided through the capability to log user actions (see Setting Up User Activity Logging).
A Portability Suite role is a collection of Portability Suite privileges that entitle a particular user to perform specific actions. During installation, the Portability Suite installation program creates three local Windows groups on the Portability Suite Server host: Portability Suite Administrators, Portability Suite Power Users, and Portability Suite Operators. These groups map directly to the three Portability Suite roles that control user authorization and authentication:
Portability Suite Administrators: Have unlimited access to all features and functions of the application. A local administrator is implicitly part of this group.
Portability Suite Power Users: Have access to most features and functions of the application with some limitations, such as restrictions in the capability to modify system settings related to licensing and security.
Portability Suite Operators: Have access to a limited subset of system features and functions, sufficient to maintain day-to-day operation.
When a user attempts to connect to a Portability Suite Server, the credentials provided through the Portability Suite Client are validated by IIS. If the user is not a member of one of the Portability Suite roles, connection is refused. If the user is a local administrator on the Portability Suite Server host, that account is implicitly regarded as a Portability Suite Administrator.
The following is a list of permissions for each role.
Table 2-1 Portability Suite Roles and Permission Details
To allow specific Windows domain or local users to carry out specific Portability Suite operations according to designated role, add the required Windows domain or user account to the applicable Windows local group (Portability Suite Administrators, Portability Suite Power Users, or Portability Suite Operators) on the Portability Suite Server host. For more information, see your Windows documentation.