Table of Contents
- 1. Create directories for the target state
- 2. Authorize users and groups
- 3. Error messages and indication of the cause of the error
- 4. More functions
- 5. Create target state
Drag & Drop displays the scanned permissions in a directory tree.
This feature is characterized by the fact that user and group names no longer need to be written. You can search for objects in the AD, park them in a clipboard and drag them from there or from a directory of the initial state to a destination directory and drop them there, hence "drag and drop".
1. Create directories for the target state
There are two ways to create the directories for the target state:
1.1. Tables mode
The simplest way to create the directories in table mode. You can import the scanned directories as well as data from a spreadsheet (xlsx format). Additional directories that are not available in the initial state can also be created.
1.2. Drag and drop mode
This mode can be used for the project types "Scan resources" and "Import table". For projects for Novell migration, the drag-and-drop mode can not be used.
If the table mode was skipped, you can drag and drop directories individually from the scanned initial state into the target state. To do this, go to a directory of the directory tree in the "Initial state" window and open the context menu with the right mouse button. Here you start the function "Apply this directory", The first directory acquired will open three new windows, the first one will find the selected directory.
For already inherited directories, the function is greyed out.
If you choose a directory directly below the share, only this will be adopted.
If you select a directory below, all directories are transferred from the share to the selected directory.
In the "Accounting" directory, the context menu is called up and "Apply this directory" is selected. The "Accounting" directory arrives in the "Target status in progress" window. Authorizations are not transferred.
With the transfer of the first directory, three new windows are opened:
- Target state in progress: Here you create the new tree structure by transferring directories from the initial state.
- Authorizations in progress: Here the permissions for the directory selected on the left are assigned.
- clipboard: Here you can search and save users and groups from the AD to authorize them in the new tree structure.
Permissions are made on this directory takeover not with taken over. Therefore, you must manually authorize the directories by dragging and dropping.
2. Authorize users and groups
Let's go to one of the inherited directories in the window "Target status in progress". An empty structure with the following entries appears in the window "Authorizations in progress" to the right.
- Read and Execute
- Modify Plus
- Full Control
The names say it already, these are the permission folders that are possible for the directory, into which the authorized users or groups can be inserted, according to the rights they should receive.
2.1. Take over users and groups from the initial state
First, in the "target status in process", the directory must be selected that you want to authorize. The Permissions in Progress window displays the five permissions, initially for this directory without permission.
In the window "Permissions initial state" single or multiple objects can be marked. The selected objects can be dragged with the mouse into the desired permissions folder of the selected directory. If you hover the mouse over the desired right, it will be framed in green and the objects to be justified will be displayed in a green frame. If you are correct, you can drop the objects.
Below in the account window, the members of a group or an authorization can be displayed and, as above, one or more can be selected in order to put them into the desired state:
2.2. Take over users and groups from the AD
In the right window, the "clipboard", users and groups can be searched in the AD. At least 3 characters must be entered to find objects containing this string. Selected objects are cached in the window.
Like the objects from the source folder, objects can be dragged from the clipboard to the permissions window.
3. Error messages and indication of the cause of the error
If, for example, you want to authorize an object that is already authorized in this directory, an error message appears.
To display the cause of the error, you must open the error list in the left-hand column with the small triangle (1).
A mouse over the red bordered "Finished with error" (2) will cause the error message to appear in the mouseover window.
4. More functions
If you call the context menu of a directory in the "Target state in process" window, you will find further functions.
This directory and all subdirectories and permissions are deleted. Share subdirectories can not be deleted.
Change inheritance status
With this function the inheritance can be interrupted. The function alternates between inheriting and interrupting inheritance.
This function creates a subdirectory for the current directory. Share subdirectories can not be created.
5. Create target state
After assigning the authorizations, the new authorization structure is created with the button "Create target state".
There is a lot more to this label than the word betrays. Behind it lies the functional heart of migRaven, The existing authorization structure is used to calculate a new authorization structure that complies with Microsoft best practice recommendations. The basis of best practice recommendations is this AG-DL-P-principle for the formation of authorization groups. New authorization groups and list groups are created, nested with existing groups and accounts, and assigned to existing directories.
This new structure is then stored in the Neo4j database.
You can view the result in the "Target status" and "Authorization target status" windows. Please check whether the target state meets your requirements for the authorizations. Until now, all data in the migRavenDatabase managed. Only with the next steps ("Deploy Groups", "Deploy ACL") will this structure be written into your system.
Image: The windows "Target status in progress" and "Authorizations in progress" have been replaced by the windows "Target status" and "Authorizations target status". The "Clipboard" window is no longer necessary.
Reset clears the created target state and returns to drag-and-drop without having to start a new project. You can change permissions again and create more.
However, you can not return to table mode.
Finally, the setpoint state must be generated again with "Create target state".