Autodesk Productstream delivers several roles and permission levels to data in Vault. Individual users can be created manually with a username, password, email address and Vault permission level ranging from Administrator to Vault Consumer. These users can also be added to Groups inside Productstream, and optionally let the Group role define the role of each participant in that group. And Groups can contain other Groups and so on. When leveraging Vault folder level permissions – also known as Access Control Lists or ACL’s – the use of Groups makes user management easier. This is a best practice for establishing folder hierarchy and the overall security model of your Vault.
Getting back to the creation of users, Productstream makes the job of creating the users as easy as importing them from your company’s domain either one at a time, or by domain group. The users or groups will appear in Productstream as their windows login ie:<domain>\<username> .
The import from Active Directory is configured after installation of Productstream. This can be performed at the server through the ADMS Console or from the Productstream client if you log in as an administrator role. Go to Tools>Administration>Security tab and select either Users to import individuals or Group to import domain groups. From the Actions pull down menu, choose Import Domain user/group.
This provides several benefits. First, user will have one less login and password to remember. When logging in to Productstream, through Inventor, AutoCAD, or MS Office, they can select the Windows Authentication option. As the user attempts to Authenticate the Autodesk Data Management Server (ADMS) will communicate with AD to ensure the user is still valid and if they are, will allow the user access to the system. Also, if the user has been disabled in AD, Productstream will deny the users access.
Administrators can optionally allow for the automatic creation of user accounts in Productstream any time a user attempts to Authenticate with Productstream and AD and the user is found in a valid AD group. Finally, this functionality will mean that for new hires, accounts will automatically be created without having to do this explicitly within Productstream.
-Brian Schanen
(0)