Configure Trust permissions on administrative roles
The administrative role permissions to Trusts determine the level at which a Console user is allowed to manage Trusts. Trust permissions allow for a granular delegation of control of Trusts and allows you to set up administrative roles for owners of specific Teams, Agents, Modules and Resources, with specific permissions to Trusts on these items. For example, you can configure a administrative role for the owner of a specific Team that only allows him to configure Trusts for this Team. Other administrative roles may only see whether a Trust has been configured for the Team.
At Administration > Security, you can assign the trust permissions in the Trusts column on the Permissions tab of an administrative role. The Trusts column is only shown when Trusts Security is enabled.
For each administrative role, Trust permissions can be set to Deny, Read, Modify or Inherit:
|
Trust |
Explanation |
|
|
Deny: If this permission has been assigned, it is not possible to configure Trusts for the item. This is the default setting. |
|
|
Read: If this permission has been assigned, a Console user can only view which Trusts are configured for the item. It is not possible to modify these Trusts. |
|
|
Modify: If this permission has been assigned, a Console user has all permissions to configure Trusts for the item. |
|
|
Inherit: If no particular permissions have been assigned (blank check box), the item will inherit the permissions from the above lying item, if applicable. If no above lying item exists, the default setting applies: Deny. Team folders, Module folders Resource folders, show the name of the parent folder and the items they contain. |
Permissions on Access and Trusts
Console users can only configure Trusts for items in the Console to which their administrative role grants access, so if they either have Read or Modify access to this item.
Example 1
If a administrative role grants Read access to a specific Resource, it will not be possible for a Console user who logs on with this security role to modify any settings of the Resource EXCEPT configure Trusts.
Example 2
If a administrative role grants Modify access to a specific Resource, a Console user who logs on with this administrative role can modify all settings of the Resource, including configuring Trusts.