1-2 CHAPTER 1: INTRODUCING SECURITY
A complete description of all possible permissions appears in the Security Objects
and Permissions section later in this chapter.
A permission can be:
■Grantedyou can do the action
■Deniedyou cannot do the action
■Inheritedyou can or cannot do the action based on the p ermissions defined
for your group
■Irrevocableyou can do the action and the permission cannot be denied.
To learn mo re abou t the t ypes of permi ssion s, see Icon ListPermission Icons on
page1-4.
Accounts An account does for CommWorks IP Fax Solutions roughly what a domain
does for Windows NT. Here are some attributes of accounts:
■Each account contains one or more users
■Every user belongs to one account
■Users have more rights to things that belong to their own account, than they
do to things that belong to other ac counts. For exampl e, a user might ha ve
read-acce ss to a pub lic phon ebook crea ted by anot her user w ho belong s to the
same account, but would have no acces s to phonebooks created by users who
belong to a different account.
■Each account has its own administrator. Administrators have all-powerful
privileges to things (e.g. end-users and fax-jobs) which belong to their own
account, but no privileges to things that belong to another account.
Groups Setting up and managing security is easier when objects and users are grouped.
Create groups of users to assign similar permissions. For example, you might have
a Sales User group that has permission to use the same fax port device.
Create groups of objects to assign users similar permissions to use tham. For
example, a subset of modems called Sales might be accessable only by members
of the Sales User group.
Positive and Negative
Security Permissions
Grant permission to do something (positive) or deny permission to do something
(negative). The following is an example of a negative permissi on:
Assume that All Fax Users have permission to use and monitor fax port
number 2. Sales users are to use this port, but are not to monitor it. In this