Understanding User Roles and Share Authorization

Overview:

User roles in Shares determine a user's permissions to access and perform actions on a share. There are three user roles for an account authorized to access a share: administrators, managers, and regular users. Admins have full permissions to view, modify, and remove all existing shares and users. Managers have permissions to view, modify, remove shares they have authorization to manage. Regular users have permissions depending on the authorizations given them by admins and managers. User, group, and directory service accounts must be authorized to access a share. If authorized, a user can perform the following actions on a share:
Note: If you do not have browse permissions but have all other permissions, you can still perform Upload File and Upload Folder operations in the user interface (UI). However, you will not have permissions for other UI operations such as Delete or Download, and the contents of the share are not displayed.

Authorization Precedence

Administrators

Users with the admin permission can create new shares and users. Admins have full rights to modify or remove all existing shares and users.

Managers

Administrators can use the manager permission to delegate the creation of shares and users to another user without giving that account full administration privileges. Like administrators, managers can view, edit, and remove share authorizations but only for shares that they manage.Assigning a user to a share as its manager gives that user administrative privileges for that share and all inherited subdirectories. If a user creates a new share within a managed share, the manager of the share automatically gains administrative rights to the new share as well. Refer to Authorizing a User, Group, or DS With Manager Permissions for instructions on how to authorize manager permissions for a user.

Though a user with manager permissions effectively becomes the admin for that share, the following restrictions apply:

For more information on authorizing a user as the manager of a share, see Authorizing a User, Group, or DS With Manager Permissions.

Users

A regular user can access any share for which it has authorizations to access, but the actions it is allowed to take are set and managed by any user with administrative priviliges for that share. Some common actions include browsing, uploading, and downloading files, and modifying the directory holding the files.