In this article, we shall discuss “Pleasant User Group Permission and User Access”. Permissions are inherited or hierarchical. Therefore be careful on how you provision or give the user or group access to the resources available in the system (Passwords). Please, see How To Use Pleasant Password Private Folder, How to alter a DATABASE compatibility level, and how to Integrate Pleasant Password Server with Active Directory.

Like I said previously, we migrated (imported) four (4) roles as stated here. The users that are part of these roles only would be granted access to the passwords on the server.

Also, see How to Grant Local Admin Permissions to a Group [Part 1], how to Configure OpenSSH Server: A Quick Guide, and how to Setup RAID 5 and 10 with MegaRAID Storage Manager on RX300 S5.

The Two Scenarios

“Granting Administrators Access to the entire resources on the Password Server for the Administrators Team”, and “Granting Access to the User Team on the Password Server”.

For the Administrators Team, we will assign the administrator’s permission to every member of this Team

Locate and right-click on the root folder. Since we decided t manage user assignment (permission) via User Groups (Roles). We would select “Roles” under Add Access For

Under Roles, select the User Group imported from AD
Assign the Right Access as shown above
And ensure you select do not expire and
Click on Add.

We would follow the same steps and added the Roles (user group for the User Team). Pay attention to the access level too.

The only difference here is that we are ONLY granting access to the Group (Folder) Relativity as shown in the image above.

Also, take note of the permission assigned (This is currently set to FULL only)

This would ensure, they are only able to access these resources only in the password manager and there, therefore, enhances secure role assignment where teams can access password resources they are only allowed to access.

Please, see how to How to backup a Cisco IOS, how to Reset an XTM Firebox Device: Easy Guide, and WatchGuard Firebox: Restoring Backups on XTM Device.

Access Level

Here you can create, edit and delete Access Levels. Access Levels defines the Operation that can be performed by a Pleasant Password User. There are two types of permissions:

Action (A): Which allows a user to perform certain actions or functions on the system.
Grant (G): This allows a user to assign corresponding (A) actions to a user.

Note: We can also create a new access level as shown in the diagram above and also have modified default Access Level set to default.

Please, see WatchGuard Firebox XTM Device Image Backup, how to How to Set Up a WatchGuard XTM and Access WSM, and How to remove Recent vSphere Client Connections.

Assigning Access Level to Roles (User Group)

Recall we imported four different AD user groups to the Password Manager, which are as follow:

group1.com
group2.com
group3.com
group4.com

Also, we have the inbuilt Roles which are:

Administration and
User role

Hers are the steps in importing roles in the Pleasant Password Manager and Assigning permissions to the various roles. Import the desired roles from AD by Clicking on Import Roles From Active Directory / LDAP server as shown below

Click on Actions and select import roles as shown below

After successfully User Group (Roles) import,

Navigate to any of the desired roles
Click on Actions
Click on Set permission as shown below

Nonetheless, select the desired permissions needed for a specific user group, as shown below.

Finally, click on Set Permissions. However, These right will be assigned automatically to all members of the User Group.

I hope you found this blog post on Pleasant User Group Permission and User Access very helpful. Please let me know in the comment session if you have any questions.