|
|
By default, all roles are assigned the default TRACCESS Permission Set. The top Organization Unit is assigned these defaults, and each subsequent Organization Unit "inherits" the permission set from their parent - which means without modifying anything, every role will always have the default permission set for that role. This is important for a few reasons:
The System Owner should modify the default Permission Sets for each role, since that is what the majority of people will have. For example, if you do not want your Operational Administrators to be able to generate Activity Reports on the entire database, ensure that you uncheck that feature in the Role Permission Set dialog for Operational Administrators. Be sure to check the default permissions sets for each role before rolling the system out to employees.
Changing the permission set for a particular Organization Unit will automatically give this permission set to every child Organization Unit of this parent. This may be the desired effect, but it may not. If not, make sure that you follow the Change a Permission Set for an Organization Unit procedure with the Change a Permission Set for a Child Organization Unit procedure afterwards.
The Change Permission Sets for <Organization Unit Name> dialog appears.
The Use Permission Set dropdown field becomes enabled.
The Change Permission Sets for <Child Organization Unit Name> dialog appears.
The Use Permission Set dropdown field becomes enabled.
|
|
|