In my process of upgrading from Basic 2012 to Pro 2015 I am renaming my Vault.
That means that each user account must be assigned to use this new Vault name in ADMS.
Is there any way outside of editting each users individually to do that?
Solved! Go to Solution.
Solved by Neil_Cross. Go to Solution.
How did you rename the Vault, detach then reattach with a different name?
I think the most efficient way would be to create a global group, add all users to that group, then assign the new Vault to that group. All users in the group will then inherit the access.
However that depends on the extent to which you've used groups already, but other than that there's no way in the standard product to multi-edit users.
I am renaming the Vault through several processes going from Basic 2012 to Pro 2015
So at the end I have Database, Filestore, and the Vault all reflecting the new name.
Regretfully I have not used groups to this point so assigning users to a group with those permissions would be just as labor intensive.
Oh well, only has to be done once.
I have "rehearsed" this Server build three times now and will just add this step to my procedure.
I do have less than 100 users so I could just go through it piece meal.
However, I just did a test on the new ADMS.
I created a defualt group that is Document Editor (Level 2) with access to the new Vault.
I mass selcted all users and added them to that group.
That all seems to have worked quickly.
However that brings up some questions on using groups and permission sets.
The vast majority of my users are just Document Editor (Level 2).
My self and a couple of others are Administrator
So since we are all part of the default group that has Document Editor (Level 2) set. Does that overide or mess up the few that have other permissions?
Or does it make everyone start of with what the group setting has and the extra roles can then be assign at the user profile.
Well I assume if they're existing users, they'll already have the Document Editor Level 2 role assigned into their user account directly? If so, you can just leave the role assignment blank in the group, and it'll use the role applied explicitly to their user account. That'll then also respect your Administrator role.
I personally haven't tested it, but if you have a role assigned to group level, but then a higher Administrator role assigned directly into a user, I would expect it to respect that too. It would be pretty easy to test that quickly on a test system, if you can't, let me know here and I'll test it on one of my systems.
Thanks I have already done that test.
I made the group and assigned it to every user. So now every user by default has Doc Ed 2 and access to the new Vault.
Myself and two others also had Admin set explicitly in our user accounts.
I logged in as a normal user and tried to delete a file. That action was blocked due to Vault restrictions. That user did not have the option to overwrite that restriction and do the deletion anyway.
I then logged in as myself and tried the same file. I was able to overwrite the restriction and delete the file.
So it appears that I can use the default group as the overall Vault Access and permission level.
Then flavor the other permissions on a user basis.