Sitecore Basic Training
Roles & Security
July 2024

Agenda
• What are Sitecore Domains?
• What are Roles in Sitecore?
• What are Users in Sitecore?
• How to assign a role to a User in Sitecore?
• What are the different Security Tools?
• What are the different Access Rights?

The beautiful thing about learning is that no one can take it away from you.
- B.B. King

Sitecore Domains
• A domain is a collection of security accounts (i.e. users and roles) that you can manage or administer as a unit by applying common rules and procedures.
• All the accounts with access to the published website could be stored in the extranet domain.
• All the accounts that have access to the Sitecore clients could be stored in the Sitecore domain.
Different Domains in Sitecore:
• Extranet – This domain holds the user accounts that correspond to the visitors of the website. It may also contain customized roles that manage read access to the content of the website. Members of this domain can have additional roles, such as the Client Authoring role, in which case they can also edit the content.
• Sitecore – This domain is for internal users and provides access to the Sitecore Client roles. It can also contain customized roles. Users of this domain can also access the extranet domain, depending on the login page.
• Default – This is a virtual domain that exists only in memory. It is used when a website does not specify a default domain, and users are then set to default

How to create a new domain
• In Sitecore, you use the Domain Manager to create a new domain.
• Log in to Sitecore and, on the Launchpad, click Domain Manager.
• In the Domain Manager dialog box, in the Domains group, click New.
• In the create new Domain dialog box, enter the domain name.

Sitecore Roles
• Roles are used to manage website authorization.
• Roles allow the grouping of users into structured units, such as managers, sales staff, anonymous users, and so on.
• This makes it easier to organize security access because you can use a single role to assign security access rights to multiple users.
• Roles give you the flexibility to change permissions and to add or remove users without having to make changes to the whole website.
• Users can belong to more than one role, giving them different access rights to different areas of a site.
• Users who are members of multiple roles gain their access rights from all the assigned roles.
• https://doc.sitecore.com/xp/en/developers/latest/platform-administration-and-architecture/the-security-roles.html

Sitecore Roles
Security Role – Description
• Author – Provides access to basic item editing features such as the Media Library and Content Editor applications with a reduced set of tabs on the ribbon.
• Designer – Provides access to the Presentation tab of the Content Editor & Experience Editor.
• Developer – Provides access to more functionality on the Content Editor ribbon to allow full development features for users assigned to this role.
• Sitecore Client Account Managing – Provides access to maintain users, roles, and domains in the Access Viewer, the Domain Manager, the Role Manager, and the User Manager applications.
• Sitecore Client Advanced Publishing – Provides access to the publishing functionality in the Experience Editor and Content Editor applications. This role has access to republish in addition to the same access rights as the Sitecore Client Publishing role.
• Sitecore Client Authoring – Provides access to basic item editing features. The role is intended for client users to allow access to basic authoring features.
• Sitecore Client Securing – Provides access to security features in the Content Editor and other relevant applications. This role is intended for users who need to maintain users and access rights.

How to create a new role
• In Sitecore, you use the Role Manager to create a new role.
• Log in to Sitecore and, on the Launchpad, click Role Manager.
• In the Role Manager dialog box, in the Roles group, click New.
• In the create new Role dialog box, enter the role name and select the domain related to it.

Sitecore Users
• By default, Sitecore provides a few default user accounts, which should not be changed.
• If we want a user with authority similar to a default user, the best practice is to create a new user account and not edit a default one.
• Editing a default user account may affect other areas of the security model.
Default User – Description
• sitecore\admin – Predefined administrator user
• sitecore\ServicesAPI – Default impersonating user role used in Sitecore.Services.Client
• extranet\anonymous – User who is viewing the free-to-access parts of a website
• default\anonymous – User who is assigned to an unauthenticated visitor who is viewing a website that does not have an assigned domain.
• sitecore\PowerShellExtensionsAPI

How to create a new user
• In Sitecore, you use the User Manager to create users and manage the roles that they are members of.
• Log in to Sitecore and, on the Launchpad, click User Manager.
• In the User Manager dialog box, in the Users group, click New.
• In the Create a New User dialog box, enter the relevant information about the new user. For example, enter the user name and password that the user must use for authentication when they log in to Sitecore.

Let’s see the fields in this dialog
1. Username: Enter the name of the user in Sitecore. (mandatory)
2. Domain: Enter the domain that the user has access to.
3. Full name: Enter the full name of the user.
4. Email: Enter the user’s email address. (mandatory)
5. Comment: Enter any relevant comments.
6. Password: Enter the password of the new user. Users can change it after they log in to Sitecore. (mandatory)
7. Confirm Password: Confirm password. (mandatory)
8. Roles: Enter the roles that you want to make the user a member of. Click Edit to add the user to one or more roles.
9. User Profile: Enter the type of user you are creating.

Edit User Account
General Tab: We can update the user's name and email address. We can make a user an Administrator and select a portrait image.
Member Of Tab: We can edit (add/remove) the roles that the user is a member of and associate one or more domains with the user.
Profile Tab: We can specify the start URL that should open for the user when the user logs in.
Language Settings: We can specify the client language and Regional Code that the Sitecore client should use when the user logs in. We can also specify the default language of the website content for the user.
Information: We can view the overall history of the user. This includes when the user was created, the last activity, login time, last password change, and so on.

Add a role member in new role
• In the Role Manager, click the role that you want to add a security account to and then click Members.
• In the Members dialog box, you can see a list of all the security accounts that are members of the role. To add a new security account to the list, click Add.
• In the Add an Account dialog box, in the Account Type section, click the type of account (user or role) that you want to add.
• Click the user or role that you want to make a member of the role and then click OK.

Add a role to the user
• Open the User Manager, click the relevant user, and then click Edit.
• To add or remove a user from a role, in the Edit User dialog box, on the Member Of tab, click Edit.
• In the Edit User Roles dialog box, in the Available Roles section, select the roles that you want to make the user a member of and then click Add.
• You can press SHIFT or CTRL to select several roles.
• You can double-click a role to add or remove it.
• When all the relevant roles are selected, click OK.

Change Password For User Account
Old Password: Specify the user’s old password.
New Password: Specify the user’s new password.
Confirm Password: Confirm the user’s new password.
Along with this basic functionality of setting a new password for a user, there is also a feature that generates a random new password for a user if the old password is not known or has been lost.

Enable/Disable + Unlock User Account
Enable / Disable: We can enable or disable a user according to our requirements. When we disable a user, the user account still exists in the DB but the user cannot log in.
Lock / Unlock: This is a unique feature in which a user is locked if they try to log in to Sitecore with wrong credentials. By default, 3 invalid attempts are allowed, but there is a setting through which we can manage this value.

Sitecore Security Editor
Gives and defines access rights (different permissions) for roles / users on items.

Sitecore Security Access Viewer
Shows the effective rights (permissions) that a specific role / user has.
Because one user can have multiple roles, this window is helpful for finding out which effective rights apply.

Sitecore Security Access Rights
Access Right – Description
• Read – Controls whether a user / role can see an item in the content tree.
• Write – Controls whether a user can edit field values of an item in the content tree.
• Rename – Controls whether a user can change the name of an item. The Rename access right requires the Read access right.
• Create – Controls whether a user can create child items. The Create access right requires the Read access right.
• Delete – Controls whether a user can delete an item. The Delete access right requires the Read access right.
• Administer – Controls whether a user can configure the access rights of an item. The Administer access right requires the Read and Write access rights.
Along with the above access rights, there are a few additional access rights that are not visible by default but can be shown by clicking the Columns button in the dialog box and selecting the access rights for which you want to give permissions.

Roles Inheritance
[Diagram: Role X, Role Y, Role Z, with three boxes of access rights]
• Read Item A; Read Item B; Denied Item C; Read and Write Item D
• Read and Write Item A; Denied Item B; Denied Item C; Read and Write Item D
• Read and Write Item A; Denied Item B; Read Item C; Read Item D

Key Points to Remember
• Denied rights overrule Allowed rights.
• When an access right is not specified, the effective permission is usually inherited from the parent item through the Descendants option.
• Access rights assigned to an item for a particular user account overrule the access rights that are specifically assigned to that item for a role that the user is a member of.
• Access rights granted for an item to a user or a role overrule the inherited access rights and any rights assigned to the descendants of the parent item.
• If you delete a role, the users that are assigned to that role are NOT deleted.
• All the roles and default users are created in the CORE DB.
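
The key points above and the Role X / Role Y / Role Z slide, worked through as an added example: a simplified model written for this page, not Sitecore's own resolver or code from the deck. It assumes the first and third boxes of the Roles Inheritance slide belong to Role X and Role Y, that Role Z is a member of both, and that a right never specified anywhere means no access; the account and item names in the second scenario are constructed.

```python
from typing import Dict, Iterable, Optional, Set, Tuple

ALLOW, DENY = "allow", "deny"
RW = ("read", "write")


class SecurityModel:
    """Toy resolver for the rules listed on the slides (not Sitecore's implementation)."""

    def __init__(self, parents: Dict[str, Optional[str]]) -> None:
        self.parents = parents                           # item -> parent (None at the root)
        self.acl: Dict[Tuple[str, str, str], str] = {}   # (account, item, right) -> value
        self.member_of: Dict[str, Set[str]] = {}         # account -> roles it is a direct member of

    def assign(self, account: str, item: str, rights: Iterable[str], value: str) -> None:
        for right in rights:
            self.acl[(account, item, right)] = value

    def add_member(self, account: str, role: str) -> None:
        self.member_of.setdefault(account, set()).add(role)

    def roles_of(self, account: str) -> Set[str]:
        """Direct roles plus roles reached through role-in-role membership."""
        seen: Set[str] = set()
        stack = list(self.member_of.get(account, ()))
        while stack:
            role = stack.pop()
            if role not in seen:
                seen.add(role)
                stack.extend(self.member_of.get(role, ()))
        return seen

    def allowed(self, account: str, item: str, right: str) -> bool:
        roles = self.roles_of(account)
        node: Optional[str] = item
        while node is not None:
            own = self.acl.get((account, node, right))
            if own is not None:              # entry for the account itself beats role entries
                return own == ALLOW
            votes = {self.acl[(r, node, right)] for r in roles if (r, node, right) in self.acl}
            if DENY in votes:                # denied overrules allowed
                return False
            if ALLOW in votes:               # rights are gained from every assigned role
                return True
            node = self.parents.get(node)    # not specified here: inherit from the parent
        return False                         # assumption: never specified means no access

    def summary(self, account: str, item: str) -> str:
        read, write = (self.allowed(account, item, r) for r in RW)
        return "Read and Write" if read and write else "Read" if read else "Denied"


def slide_roles_example() -> Dict[str, str]:
    """Effective rights of Role Z when it is a member of Role X and Role Y."""
    m = SecurityModel({item: None for item in "ABCD"})
    m.assign("Role X", "A", ["read"], ALLOW)   # first box on the slide (assumed Role X)
    m.assign("Role X", "B", ["read"], ALLOW)
    m.assign("Role X", "C", RW, DENY)
    m.assign("Role X", "D", RW, ALLOW)
    m.assign("Role Y", "A", RW, ALLOW)         # third box on the slide (assumed Role Y)
    m.assign("Role Y", "B", RW, DENY)
    m.assign("Role Y", "C", ["read"], ALLOW)
    m.assign("Role Y", "D", ["read"], ALLOW)
    m.add_member("Role Z", "Role X")
    m.add_member("Role Z", "Role Y")
    return {item: m.summary("Role Z", item) for item in "ABCD"}


def tree_example() -> Dict[str, bool]:
    """Inheritance from the parent item and a user entry beating a role entry (constructed data)."""
    m = SecurityModel({"/home": None, "/home/news": "/home", "/home/news/draft": "/home/news"})
    m.assign(r"sitecore\Editors", "/home", RW, ALLOW)                  # inherited by descendants
    m.assign(r"sitecore\Editors", "/home/news/draft", ["write"], DENY)
    m.add_member(r"sitecore\alice", r"sitecore\Editors")
    m.add_member(r"sitecore\bob", r"sitecore\Editors")
    m.assign(r"sitecore\bob", "/home/news/draft", ["write"], ALLOW)    # user-level entry
    return {
        "alice_news_write": m.allowed(r"sitecore\alice", "/home/news", "write"),
        "alice_draft_read": m.allowed(r"sitecore\alice", "/home/news/draft", "read"),
        "alice_draft_write": m.allowed(r"sitecore\alice", "/home/news/draft", "write"),
        "bob_draft_write": m.allowed(r"sitecore\bob", "/home/news/draft", "write"),
        "anonymous_home_read": m.allowed(r"extranet\Anonymous", "/home", "read"),
    }


if __name__ == "__main__":
    print(slide_roles_example())
    print(tree_example())
```

The first result reproduces the middle box of the slide, which is the kind of combined view the Access Viewer is used to check when a user holds several roles.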
Sitecore Security Tools
Demo
Useful Links
• Sitecore Users & Roles Documentation: https://doc.sitecore.com/xp/en/developers/90/platform-administration-and-architecture/users,-roles,-and-domains.html
• https://doc.sitecore.com/xp/en/developers/81/sitecore-experience-platform/create-and-set-up-a-role.html
• https://doc.sitecore.com/xp/en/developers/90/platform-administration-and-architecture/the-security-roles.html
Questions
Thx.

Mastering Sitecore Users Roles and Security: A Beginner's Guide to Streamlined User Management


Editor's Notes

  • #4: Create a new domain
  • #7: Create a new role and assign the basic client authoring role to it.
  • #10: Create a new user. Show different validations that will be applicable. Assign the new role that is created to this user.
  • #11: Explain all the settings in detail
  • #18: Show example of field read and field write. Language read and language write.
  • #24: Question from JJ: it is clear that Sitecore has a vision of how all these technologies can/should interact but implementations are always situational based on a client's maturity, investments, staffing and licensing. Does Sitecore have an official POV on what the "ideal state" is from a SaaS licensing perspective? Or is it on the SIs to figure it out based on the situation on the ground and the client's reality? Seems like all conversations should start with a talk about the "ideal state" but if I'm a customer hearing that pitch I'm asking myself, how much time, effort and investment is needed to get "there?" Can you define "there?"