Select users and groups
The Select Users and Groups dialog box lets you search the authentication database
and then, from the result set, select the accounts you want to add as Access
Control Entries (ACEs) to the object's Access Control List (ACL). These ACEs
are assigned default permissions which you can view and edit later, using
the object's security editor.
If the query does not find all the users or groups you are looking for, simply
issue another search. You can return to the object's Select Users and Groups
dialog box as often as you need.
- Select Object Type
- Select the object type to search for. When specifying GCD administrators,
the Special Accounts object type is deselected
and disabled. See Users and groups required by FileNet P8 Platform for information about the special accounts
#AUTHENTICATED-USERS
and #CREATOR-OWNER
.
- Select Realm
- Select the realm to search. Only those realms (domains) that were configured
during installation for FileNet P8 domain authentication will produce valid
accounts.
- Search Criteria
- Build your search using the following parameters.
- Search Attribute: Select whether you wish to search
on Short Name or Display Name.
- Search Pattern: Enter the name or string
you want to search for.
Search type |
Search behavior |
Starts with ... |
Searches for accounts whose name begins with the characters you enter. |
Exact match ... |
Searches for accounts with the exact characters you type. |
- Wildcard characters are not supported. Therefore, a Starts with
search pattern of "a?" would only find
names with "a" as the first character
and a question mark as the second. It would not find names starting with "ab".
- Logical, or boolean, operators (OR, AND, NOT) are not supported.
- Leave the search string blank to return all names, regardless of whether
you use Starts with or Exact match, and subject to the Maximum results returned value. But see the Caution below.
- Sort Order: Choose a sort order for how the result set will appear:
Ascending (A-Z), Descending
(Z-A), or None. If your search includes both
Groups and Users and the sort order is None,
the result set will stack all Groups that meet the search criteria first,
followed by all Users that meet the search criteria. If the directory service
does not support sorting, the Enterprise Manager will inform you and thereafter
only None will be available.
- Maximum results returned: Enter a maximum number of results to return,
with the value applying separately to both Users and Groups if both are selected.
For example, if you select both Users and Groups, set the Maximum result returned
to 500, and if your directory service has at least 500 entries of each type
that meet the search criteria, your result set will have 1,000 names.
CAUTION Setting
Maximum results returned to zero (0) will return
all accounts that meet the search criteria. To request all accounts in the Realm,
leave the search criteria blank and enter 0 into Maximum
results returned. Use 0 with caution since requesting all values
from an extremely large directory service could result in very long search time.
- Find
- Click Find to run the query against the directory
service. Any result set from an earlier search will be replaced by the results
of the current search.
- Results
- Displays the users and groups found by the search, sorted according to the
sort order set above. Icons indicate whether the account is a user or a group.
See Directory
integration and authentication for background.
- Display Name: Displays
whatever directory service attribute has been configured as the User Display
Name Attribute.
- Short Name:Displays the
directory service attribute that has been configured as the Logon Attribute.
- Principal Name: The complete, unambiguous
name in the format of the authentication provider.
- Select the names you want to add to the ACL of the object. To select multiple
names, click one name, then press CTRL and click each additional
name. If you select a file you don't want, press CTRL and click
the name again. To select many in sequence or all, click the first name in
the sequence, then hold down SHIFT and click the last name.
- Click OK to add selected names to the ACL
of the object. Then use the security editor to view and edit their permissions.
- If there are no names you want to add, either click Cancel
to close the Select Users and Groups dialog box, or issue another search.