The example in this section shows how planning can be implemented for three departments in a hypothetical company: Accounting, Sales, and Production. The three departments have a total of 15 printers with five for general use and the others dedicated to the various departments. Any user should be able to see and print to the general use printers, but only users in a given department should be able to see and print to the department printers.
Each department has its own dedicated administrator. The administrators are acctadm, salesadm, and prodadm. The company has created a special user called ezadm to be the senior administrator. The user ezadm became the EasySpooler administrator during installation and was automatically given the SeniorAdmin role.
The company decides that it wants to allow the senior administrator and the production department administrator to view the contents of a document even if they are not the owner. They will need the capability ViewDocOther.
The predefined Admin role has the right capabilities for the other two department administrators. It also decides that the predefined User role has the capabilities it wants to give to users in all three departments.
The production department has many users and has a group associated with it. Therefore, the senior administrator does not need to define user permissions for each user; defining group permissions for the Production department will suffice.
The other departments have only a few users and no department-specific group. The senior administrator will define user permissions for each of these users.
Here are the steps the senior administrator takes:
Name |
Destination List |
PublicPrinters |
lp01, lp02, lp03, lp04, lp05 |
AcctPrinters |
lp06, lp07 |
SalesPrinters |
lp08, lp09, lp10 |
ProdPrinters |
lp11, lp12, lp13, lp14, lp15 |
Edit the Base permissions so that all users have access to the destination list PublicPrinters. See Base Permission.
Edit the Default permissions by deleting existing permissions. See Default Permissions. This means that users not defined under User Permissions do not have access to documents, destinations, or administrative functions.
Add a permission definition under User Permissions for each of the three department administrators, giving each the Admin role and access to their department printers. See User Permissions.
Update the capabilities to include ViewDocOther on the permission definition for the senior and production department administrator.
Add a permission definition under User Permissions for each of the users in the Accounting and Sales departments, giving each the User role and access to their department printers.
Add a permission definition under Group Permissions for the Production department. See Group Permissions.
The user and group permissions can be summarized as follows:
Name |
Group |
Role |
Additional Capabilities |
Destinations |
ezadm |
|
SeniorAdmin |
ViewDocOther |
All |
acctadm |
|
Admin |
|
AcctPrinters |
salesadm |
|
Admin |
|
SalesPrinters |
prodadm |
|
Admin |
ViewDocOther |
ProdPrinters |
acct1 |
|
User |
|
AcctPrinters |
acct2 |
|
User |
|
AcctPrinters |
sales1 |
|
User |
|
SalesPrinters |
sales2 |
|
User |
|
SalesPrinters |
sales3 |
|
User |
|
SalesPrinters |
|
prod |
|
|
ProdPrinters |