Attachments

 fchackboys

Admin Permissions Howto

Hermes

To allow authenticated users to see the time tracking module you must give at least Show and Read permissions to the "hermes" application

• Choose Administration --> Permissions
  • Click on the All Permissions "keys" icon
  • When the "Add a child Permission" pane appears, choose the Hermes module
  • Click the Add button
  • Click the "notepad" icon to edit the permissions for Hermes
  • On the default permissions tab, check Show and Read

To allow a user to be able to Review time from other users you must make changes to the hermes permissions. Here are the steps:

• Choose Administration --> Permissions
  • If the Hermes permissions are not yet set, follow the steps above.
  • Click on the Hermes "keys" icon
  • When the "Add a child Permission pane appears, choose the Time Review module
  • Click on the Permissions tab for the user or group that you want check, Show

Turba

A read-only LDAP address book

To allow authenticated users to search the addressbook of your organization (provided it is kept on an LDAP server), and to use the e-mail addresses contained therein to compose messages:

1. Define, in turba/config/sources.php, that addressbook, using sizelimit, export, and browse to prevent large-scale address copying, e. g.:

/** Central E-Mail Directory (read-only) **/

$cfgSources['localldap'] = array( 'title' => [http://www.horde.org/horde/docs/?f=po_README.html#extending-existent-translations _("E-Mail directory Example Ltd.")]

                                , 'type' => 'ldap'

                                , 'params' => array( 'server'    => 'ldap.example.com'

                                                   , 'port'      => '389'

                                                   , 'tls'       => false

                                                   , 'root'      => 'ou=people,o=Example Ltd.,c=com'

                                                   , 'charset'   => 'utf-8'

                                                   , 'sizelimit' => 200

                                                   , 'scope'     => 'one'

                                                   , 'version'   => 3

                                                   ),

                                , 'map'    => array( '__key'     => 'dn'

                                                   , 'name'      => 'cn',

                                                   , 'email'     => 'mail'

                                                   ),

                                , 'search' => array( 'name',

                                                   , 'email'

                                                   ),

                                , 'strict' => array('dn')

                                , 'export' => false

                                , 'browse' => false

                                );

2. Login to Horde as an administrator, then select the Administration/Permissions menu.

1. Under All Permissions, add new permission Address Book (turba)
   1. Under Address Book (turba), add new permission Sources (sources)
   2. Under Sources (sources), add new permission E-Mail directory Example Ltd. (localldap)
   3. Edit the added permissions to grant all authenticated users the following rights:
      • Address Book (turba): Show, Read, Edit, Delete (This will provide access to turba via the menus.)
      • Sources (sources): Show, Read, Edit, Delete
      • E-Mail directory Example Ltd. (localldap): Show, Read (This will hide, in the several menus, all editing operations that would otherwise cause weird error messages.)