Login Account Properties
You can create a login account in when you open the context menu for Login Accounts in the left-side tree view and select New Login Account. For a step-by-step guide, see Creating a login account.
The new login account creation dialog.
Windows authentication
Windows authentication can be used for authentication on . In this case, the user logs in to the vault with the same login information used to log in to Windows or the domain of the organization.
Domain login is the quickest and easiest authentication method. This means that new passwords and logins are not necessary, which makes this a user-friendly method. For more information, see Differences between the various user authentication methods.
authentication
With the authentication method, the user can log in to only. If the organization does not have a Windows domain or the user must not have access to it, it is a good idea to use authentication for the vault.
Personal information
Enter an email address and a full name for the login account. This information is used for sending notifications. For more information about notifications, see Editing notification settings in. If the authentication method used is Windows authentication, you can get the personal information from the domain when you select Update Information from Domain.
License type
Select a license type for the login account.
Named user license
Named user licenses are assigned to individual login accounts. This license lets the login account to use any time, independent of other users.
Concurrent user license
When a login account entitled to a concurrent user license logs in, one license of this type is taken up. When the login account logs out, the license becomes available for use by other login accounts that use this same license type.
Read-only license
Read-only licenses are assigned to individual login accounts. This license lets the login account to use at any time, independent of other users. Users with a read-only license can only read documents, not create or edit them. However, they can mark an assignment complete and change the workflow state of an object.
External Connector license
External Connector licenses let third-party systems to anonymously read from or write to an vault through a service account. The license type is necessary, for example, when data is published programmatically in an intranet or extranet environment to an unrestricted number of users. Anonymous authentication for the new and is an example of such use.
You cannot select this license type in the user interface. To get an External Connector license, contact .
Account is disabled
This function provides an easy way to specify whether the user can log in to the server or not. This function is useful if you do not want to remove the login account altogether, but to disable it temporarily.
Server roles: system administrator
With this role, the user can make any changes on the server level. The user can change the server logins and create and delete vaults. In other words, a system administrator can do any operation on a vault.
See the table for a comparison between the permissions of a system administrator and a user with the Full control of vault administrative rights. For a description of the administrator permissions in the Advanced Vault Settings section of the configurations editor, see this table.
| Operation | System administrator | Vault administrator |
|---|---|---|
| Create a vault | Permitted | Not permitted |
| Attach a vault | Permitted | Not permitted |
| Restore a vault | Permitted | Not permitted |
| Detach a vault | Permitted | Not permitted |
| Back up a vault | Permitted | Not permitted |
| Copy a vault | Permitted | Not permitted |
| Destroy a vault | Permitted | Not permitted |
| Optimize the database | Permitted | Not permitted |
| Back up the master database | Permitted | Not permitted |
| Restore the master database | Permitted | Not permitted |
| Take a vault offline | Permitted | Not permitted |
| Rebuild the full-text search index | Permitted | Permitted |
| Reset thumbnail images in a vault | Permitted | Permitted |
| Verify and repair a vault | Permitted | Permitted with , not permitted on on-premises servers |
| Migrate to | Permitted | Not permitted |
| Manage content replication and archiving settings | Permitted | Permitted to manage cloud storage based replication jobs |
| Create or import a login account | Permitted | Not permitted |
| Create a scheduled job | Permitted | Not permitted |
| Change notification settings | Permitted | Not permitted |
| Manage licenses | Permitted | Not permitted |
| Configure web and mobile access | Permitted | Not permitted |
| Shut down | Permitted | Not permitted |
| Log in to any vault | Permitted | Not permitted |
| Create and import users | Permitted | Not permitted |
| Import user groups | Permitted | Not permitted |
| Create user groups | Permitted | Permitted |
| See and read all vault content (including deleted objects) | Permitted | Permitted |
| See and undelete deleted objects | Permitted | Permitted |
| Destroy objects | Permitted | Permitted |
| Force undo checkout | Permitted | Permitted |
| Change permissions for all objects | Permitted | Permitted |
| Change metadata structure | Permitted | Permitted |
| Manage workflows | Permitted | Permitted |
| Manage login accounts | Permitted | Permitted |
| Manage common views and notification rules | Permitted | Permitted |
| Manage vault applications | Permitted | Not permitted |
| Edit scripts (for example related to event handlers, workflow states, and automatic property values) | Permitted | Not permitted |
| Manage connections to external mail sources | Permitted | Permitted |
| Manage connections to external file sources | Permitted | Not permitted |
| Disable or enable vault event logging | Permitted | Not permitted |
| See and manage scheduled jobs | Permitted | Not permitted |
| Restart vault | Permitted | Permitted |
| Enable the Annotations and redlining feature | Permitted | Permitted |
| Change the vault icon | Permitted | Permitted |
| See the vault unique ID | Permitted | Permitted |
For a system administrator to log in to a vault on the server with , a user account in that vault is not necessary. However, you can set the system administrator to not have access to vaults and rights to create users in vaults where they do not have a user account. To do this, a specific license is necessary. To get the license, contact [email protected]. For more information about this feature, .