Permissions window

This window is used to set access for one attribute or the entire database. Currently, read-only access by client programs is supported by ClickMail, so the Permissions window contains settings for read access.

Types of Read Access

Everyone: Check this box to grant this permission (database, attribute, or entry) to everyone, without requiring that they log in with a password ("anonymous" access).

"whose IP is in the range:" To allow only users from within a range of IP addresses, check this box. In the text field enter a minimum and maximum IP number on one line separated by a space and/or hyphen. You many enter as many ranges as you wish. Attempts to access (the database, attribute, or entry) from outside these IP addresses are not permitted.

• Example: 123.45.67.1 - 123.45.67.100

Logged in Users: Check this box to grant this permission to users who log in with a password (which matches their password attribute value).

"whose IP is in the range:" To allow only logged-in users from within a range of IP addresses, check this box. In the text field enter a minimum and maximum IP number on one line separated by a space and/or hyphen. You many enter as many ranges as you wish. Attempts to log in with a password (or once logged in, access the attribute or entry) from outside these IP addresses are not permitted.

• Some client programs can log in with a name and password . Currently, this is done "in the open" over your network or the Internet (depending on where the client and server are). This provides a very small amount of security and control over who can view restricted attributes. Encryption of passwords or data is not available with this version of ClickMail.
• "Everyone" access includes logged in users. That is, a user may log in with a password even if logged in access is not enabled, if they meet the requirements for "everyone" access (such as an IP address range). "Everyone" means everyone. Logged in access settings allow access by a user with the right password where anonymous (everyone) access is not allowed.

LDAP Write Access

For LDAP clients that support updating entries (such as maX.500), LDAP Write Access controls which clients may make changes to LDAP entries. Only logged in users may make changes. Like Read Access, Write permissions may be limited by IP range.

Permissions window, used here to limit access to the "home phone" attribute