Having established a connection with the database by means of setting the path to the database file in the "DataBase" field of the "OnLAN Server" window, you can begin to modify the policy properties through the OnLAN Server module.
Modifying the policies can be done using the OnLAN Server tools in the "Policy editor" window, as shown on pic #12. This menu can be opened through "Policy" -> "Policy editor" in the "OnLAN Server" window (pic #3).
Pic #12.
In the upper part of the window you will see a list of existing group policies.
The OnLAN Messenger standard package contains the following default policies:
- basic "Administrator_policy" (administrator policy) and "User_policy" (user policy);
- additional "HTTPUserViewInfo" (web-interface administrators policy) and "User_policy_only_receive_messages" (limited rights user policy).
Administrators have full rights in the use, control and setup of the OnLAN Messenger service. Some setup and control rights restrictions apply to users. Web-interface administrators can access the system information through the web-interface in addition to their regular user rights. They can also get any of the users' passwords in order to login the client. Limited rights users have the right to only receive instant messages.
To the right of the name of each policy in the "Policy editor" window is a short description of the policy. All the fields of the list can be edited.
In the middle part of the window is a list of policy keys for the selected policy.
The lower part of the window contains two drop-down menus: a list of keys and a list of the possible key values. The possible values list depends on the key selected in the list next to the values list. In order to see the value of a particular key of the selected policy, you need to select the key from the list of keys in the middle of the window. After this, you can change the key value, should you find it necessary, by choosing a different value or entering it manually.
In order to add a new policy, you need to left-click on the policy list in the upper part of the window and click "Add" in the options menu that appears. In order to delete a selected policy, you can press "Delete" in the said menu. The "Administrator_policy" and "User_policy" policies are the main policies in the system of differentiating access levels in OnLAN Messenger, therefore deleting them is impossible.
In order to add a new key for an existing policy, left-click on the list of keys in the middle part of the window and choose "Add" in the options menu that appears.
The list of keys available for a contact group policy can be seen in the Appendix.
Here's a list of some of the rules, which apply when setting keys for group policies:
1. Key values have two forms:
- action right: "Enable", "Disable" and "Undefined" - the most frequent form;
- parameter (e.g. the path for a default directory for saving files: key - "FILES: path to save", value "ñ:\").
2. In order to add all undesignated keys to the policy with their default values, you need to add a special key to the policy: "POLICY: AllOtherDefault values" and set its value to "Enable".
Please note: all keys that have anything to do with action rights in the web-interface have their values set to "Disable" by default.
3. Key names that determine rights to perform actions through the web-interface start with the keyword "HTTP".
4. If a key assumes the right to not only view information, but also change it, then its name will end with the keyword "- Edit".
5. If a key's value has the %userlogin% parameter, then this parameter will be automatically changed to the user's login name, when the policy is applied to a particular user
Example:
For a user with the login name "Smith" the key "FILES: path to save" has the value "P:\{%userlogin%}". This will set the default save to path to "P:\Smith" in the settings.
In order to delete a key from a policy, you need to select it, open the options menu by left-clicking on it and select "Delete".
All changes in the group policies are saved after pressing the "Save" button or when switching to a different value in any of the lists.
After this, the new policies will be applied to all users on their next login. In order to apply the new policy immediately for all active clients, you need to select the "Policy" -> "Apply policy to users" option in the "OnLAN Server" window, as shown on pic #3.
The default values for the policy keys that come with the standard package are listed in the table below:
Key name | Value |
Administrator_policy |
FILES: path to save | ñ:\ |
HTTP interface administrator | Enable |
PROGRAM: Administrator for CLIENT (can close CLIENT) | Enable |
PROGRAM: Administrator's password | ghfdf |
PROGRAM: Auto boot with system | Enable |
PROGRAM: Auto login | Enable |
FILES: allow receiving | Enable |
FILES: allow sending | Enable |
HTTPUserViewInfo |
HTTP (Apply policy to all) | Disable |
HTTP (Check users) | Disable |
HTTP (Clear Journal) | Disable |
HTTP (Clear UnSentState) | Disable |
HTTP (Clear Unsent) | Disable |
HTTP (Commands History) | Disable |
HTTP (Departments editor) | Disable |
HTTP (Departments editor) - Edit | Disable |
HTTP (Journal, unsent, unsent states) - Edit | Disable |
HTTP (New users) | Disable |
HTTP (New users) - Edit | Disable |
HTTP (OnLine manage) | Disable |
HTTP (OnLine manage) - Edit | Disable |
HTTP (Options) | Disable |
HTTP (Options) - Edit | Disable |
HTTP (Policies editor) | Disable |
HTTP (Policies editor) - Edit | Disable |
HTTP (ReLoad Contacts List) | Disable |
HTTP (Send Contacts List to all) | Disable |
HTTP (Sessions list) | Disable |
HTTP (Sessions list) - Edit | Disable |
HTTP (Start and stop command executing) | Disable |
HTTP (Users editor) | Enable |
HTTP (Users editor) - Edit | Disable |
HTTP (View Journal) | Disable |
HTTP (View UnSentState) | Disable |
HTTP (View Unsent) | Disable |
HTTP interface administrator | Enable |
PROGRAM: Auto boot with system | Enable |
PROGRAM: Auto login | Enable |
User_policy |
FILES: path to save | c:\ |
PROGRAM: Administrator for CLIENT (can close CLIENT) | Disable |
PROGRAM: Auto boot with system | Enable |
PROGRAM: Auto login | Enable |
FILES: allow receiving | Disable |
FILES: allow sending | Disable |
User_policy_only_receive_messages |
FILES: path to save | c:\ |
MESSAGE: deny creating | Enable |
PROGRAM: Administrator for CLIENT (can close CLIENT) | Disable |
PROGRAM: Auto boot with system | Enable |
PPROGRAM: Auto login | Enable |
Back Next
|