Restricting User Access to Application Features with Permissions Manager
As an administrator, you may want to reduce complexity by limiting users' ability to modify their workspace or session documents. In Reflection, you can disable settings by configuring access files and storing them in your users' AppData directory. There are different access files for mainframe, AS/400, UNIX/OpenVMS, and application-wide settings. Plus, there is a separate access file for actions, such as creating new session documents or showing the UI Designer.
To restrict user access to settings and actions
- From the installed location, run AccessConfig.exe.
The default installation location is:
You cannot run this tool from an administrative installation image, you must run a workstation install, and then run it from there.
- Permissions Manager requires administrative credentials to run. If you do not have Administrative rights, you are prompted to provide the login credentials for an account that has them.
- Access files are saved under the active user's Application Data folder. If you start Permissions Manager, but provide the user credentials for another user, the files are saved in the other user's Application Data folder instead of yours.
- From the Permissions Manager, choose to create a new permission file, or edit an existing one, then click Next.
- Choose a file type for a specific session type, or for application settings or actions, then click Next.
- Under Groups, select the group title containing the setting you want to disable.
Items in each group will be displayed in the Items table.
- Select the item that you want to disable, then click the down arrow in the Accessibility column to change Full to Restricted.
- Save the file (by clicking Finish), and then deploy it to your users' directories, as follows:
- Once deployed, use Windows to set the file permissions to prevent users from editing or deleting the file.