Security Inheritance

adTempus supports security inheritance, meaning that each object can inherit permissions from its "parent." The model is similar to that of the Windows file system, where each file or folder inherits permissions from the folder above it. This inheritance makes it easy for you to manage security for large groups of users and objects.

Prior to adTempus version 3, security settings in adTempus were not inherited, meaning that each object's security had to be managed individually. If you have upgraded from version 2.x, you may want to update your security settings as described in the Security Changes topic to simplify security administration.

See the Security Editor topic for information on how to control which permissions get inherited.

The following list shows how permissions are inherited. Permissions assigned at each level (or "container") are inherited by all lower levels.

Permission to create a new object of a given type is controlled by the permissions on the container for that object. For example, permission to create a new job is controlled through the security settings of the group in which the job is being created. Permission to create a new Shared Script is controlled through the security settings of the Scripts folder.

Container	Notes
Root	The Server Security Settings window provides access to the root server security permissions. Permissions set here are inherited by all objects in adTempus. For example, if you want a set of users to be able to View all objects in adTempus, you would assign View permission here. If you want to grant permissions that apply to all Scripts but not to all Jobs, you need to configure permissions at a lower level
Job Groups	Each Job Group inherits security from the level above it and has its own security settings that affect the group and all groups and jobs below it. To view or edit security settings for a group, right-click the group in the Console Tree, then choose Edit and go to the Security page of the group properties window. The Jobs node represents the root group, and has security settings just like the other groups. Right-click the Jobs node, choose Edit, and go to the Security page of the properties window. Permissions that you assign in the root Jobs group are inherited by all groups and jobs in adTempus.
Jobs	Each Job inherits security from its Group and has its own security settings that apply only to itself. To view or edit the security settings for a Job, go to the Security page of the job properties. To simplify permission management, you should when possible set permissions at the Group level rather than configuring security separately for each job.
Queues	Each Job Queue inherits security from the Queues node in the Console Tree and has its own security settings. To view or edit security settings for a queue, right-click the queue in the Console Tree, then choose Edit and go to the Security page of the properties window. The Queues node contains security settings that apply to all queues. To view or edit permissions and control which users are permitted to create Queues, right-click the Queues node and choose Queue Security. These settings
Notification Recipients	Each Notification Recipient (individual or group) inherits security from the Notification Recipients node in the Console Tree and has its own security settings. To view or edit security settings for a notification recipient, go to the Security page in the property window for the item. To manage the default security for all Notification Recipients and control which users are permitted to create Notification Recipients, right-click the Notification Recipients node in the Console Tree and choose Notification Recipient Security.
Shared Schedules Holiday Definitions	Each Shared Schedule and Holiday Set inherits security from the Schedules Security and has its own security settings. To view or edit security settings for a schedule or holiday set, go to the Security page in the property window for the item. To manage the default security for all Shared Schedules and Holiday Sets and control which users are permitted to create Shared Schedules and Holiday Sets, right-click the Shared Schedules or Holiday Definitions node in the Console Tree and choose the Schedule Security item. (The same security settings apply to both Shared Schedules and Holiday Sets.)
Shared Scripts Script Libraries	Each Shared Script and Script library inherits security from the Scripts node in the Console Tree and has its own security settings. To view or edit security settings for a shared script or script library, go to the Security page in the property window for the item. To manage the default security for all Shared Scripts and Script Libraries and control which users are permitted to create Shared Scripts and Script Libraries, right-click the Scripts node in the Console Tree and choose Script Security.
Remote Agents	Each Remote Agent inherits security from the Remote Agents node in the Console Tree and has its own security settings. To view or edit security settings for a Remote Agent, go to the Security page in the property window for the item. To manage the default security for all Remote Agents and control which users are permitted to create Remote Agents, right-click the Remote Agents node in the Console Tree and choose Remote Agent Security.
Messaging Service Providers	Each Messaging Service Provider inherits security from the default Messaging Service Provider security settings and has its own security settings. To view or edit security settings for a provider, go to the Security page in the property window for the item. To manage the default security for all Messaging Service Providers and control which users are permitted to create Messaging Service Providers, click the Security button in the Messaging Service Providers Window.
File Service Providers	Each File Service Provider inherits security from the default File Service Provider security settings and has its own security settings. To view or edit security settings for a provider, go to the Security page in the property window for the item. To manage the default security for all File Service Providers and control which users are permitted to create File Service Providers, click the Security button in the File Service Providers Window.
Credential Profiles	Each Credential Profile inherits security from the default Credential Profile security settings and has its own security settings. To view or edit security settings for a Credential Profile, go to the Security page in the property window for the item. To manage the default security for all Credential Profiles, click the Security button in the Credential Profiles Window.

Container

Notes

Root

The Server Security Settings window provides access to the root server security permissions. Permissions set here are inherited by all objects in adTempus.

For example, if you want a set of users to be able to View all objects in adTempus, you would assign View permission here.

If you want to grant permissions that apply to all Scripts but not to all Jobs, you need to configure permissions at a lower level

Job Groups

Each Job Group inherits security from the level above it and has its own security settings that affect the group and all groups and jobs below it.

To view or edit security settings for a group, right-click the group in the Console Tree, then choose Edit and go to the Security page of the group properties window.

The Jobs node represents the root group, and has security settings just like the other groups. Right-click the Jobs node, choose Edit, and go to the Security page of the properties window.

Permissions that you assign in the root Jobs group are inherited by all groups and jobs in adTempus.

Jobs

Each Job inherits security from its Group and has its own security settings that apply only to itself. To view or edit the security settings for a Job, go to the Security page of the job properties.

To simplify permission management, you should when possible set permissions at the Group level rather than configuring security separately for each job.

Queues

Each Job Queue inherits security from the Queues node in the Console Tree and has its own security settings.

To view or edit security settings for a queue, right-click the queue in the Console Tree, then choose Edit and go to the Security page of the properties window.

The Queues node contains security settings that apply to all queues. To view or edit permissions and control which users are permitted to create Queues, right-click the Queues node and choose Queue Security. These settings

Notification Recipients

Each Notification Recipient (individual or group) inherits security from the Notification Recipients node in the Console Tree and has its own security settings.

To view or edit security settings for a notification recipient, go to the Security page in the property window for the item.

To manage the default security for all Notification Recipients and control which users are permitted to create Notification Recipients, right-click the Notification Recipients node in the Console Tree and choose Notification Recipient Security.

Shared Schedules

Holiday Definitions

Each Shared Schedule and Holiday Set inherits security from the Schedules Security and has its own security settings.

To view or edit security settings for a schedule or holiday set, go to the Security page in the property window for the item.

To manage the default security for all Shared Schedules and Holiday Sets and control which users are permitted to create Shared Schedules and Holiday Sets, right-click the Shared Schedules or Holiday Definitions node in the Console Tree and choose the Schedule Security item. (The same security settings apply to both Shared Schedules and Holiday Sets.)

Shared Scripts

Script Libraries

Each Shared Script and Script library inherits security from the Scripts node in the Console Tree and has its own security settings.

To view or edit security settings for a shared script or script library, go to the Security page in the property window for the item.

To manage the default security for all Shared Scripts and Script Libraries and control which users are permitted to create Shared Scripts and Script Libraries, right-click the Scripts node in the Console Tree and choose Script Security.

Remote Agents

Each Remote Agent inherits security from the Remote Agents node in the Console Tree and has its own security settings.

To view or edit security settings for a Remote Agent, go to the Security page in the property window for the item.

To manage the default security for all Remote Agents and control which users are permitted to create Remote Agents, right-click the Remote Agents node in the Console Tree and choose Remote Agent Security.

Messaging Service Providers

Each Messaging Service Provider inherits security from the default Messaging Service Provider security settings and has its own security settings.

To view or edit security settings for a provider, go to the Security page in the property window for the item.

To manage the default security for all Messaging Service Providers and control which users are permitted to create Messaging Service Providers, click the Security button in the Messaging Service Providers Window.

File Service Providers

Each File Service Provider inherits security from the default File Service Provider security settings and has its own security settings.

To view or edit security settings for a provider, go to the Security page in the property window for the item.

To manage the default security for all File Service Providers and control which users are permitted to create File Service Providers, click the Security button in the File Service Providers Window.

Credential Profiles

Each Credential Profile inherits security from the default Credential Profile security settings and has its own security settings.

To view or edit security settings for a Credential Profile, go to the Security page in the property window for the item.

To manage the default security for all Credential Profiles, click the Security button in the Credential Profiles Window.

Related Concepts

Security Overview