SITECORE: Understand Users and Roles in Sitecore

Credits:

Fist things first - a big thank to http://www.nehemiahj.com/
For SSO Stuff go to his blog.

The Administrator:

Sitecore Admin are the kings. The need no group/role to access the Content editor. They will be able to access the whole system with a single checkbox in user admin.





The roles or groups

The basic roles in Sitecore are the following:

sitecore\Sitecore Client Account Managing
sitecore\Sitecore Client Authoring
sitecore\Sitecore Client Configuring
sitecore\Sitecore Client Designing
sitecore\Sitecore Client Developing
sitecore\Sitecore Client Forms Author
sitecore\Sitecore Client Maintaining
sitecore\Sitecore Client Publishing
sitecore\Sitecore Client Securing
sitecore\Sitecore Client Translating
sitecore\Sitecore Client Users

The minimum role that user should have is "Sitecore Client Users". If the user doesn't have proper roles, Sitecore will throws access denied error and redirects to default Sitecore login page.

Each group has different access levels. For minimum level of access, the particular user should be a member of Sitecore Client Users.

The brief information on each group.

Group
Members – (Domain - Sitecore)
Member Of
sitecore\Sitecore Client Account Managing
Sitecore Local Administrators
Sitecore Client Users
sitecore\Sitecore Client Authoring
Author
Sitecore Client Users
sitecore\Sitecore Client Configuring
Developer
Sitecore Client Users
sitecore\Sitecore Client Designing
Design
Sitecore Client Users
sitecore\Sitecore Client Developing
Developer
Sitecore Client Users
sitecore\Sitecore Client Forms Author
Sitecore Marketer Form Author
Sitecore Client Users
sitecore\Sitecore Client Maintaining
Developer
Sitecore Client Users
sitecore\Sitecore Client Publishing
-
Sitecore Client Users
sitecore\Sitecore Client Securing
Sitecore Local Administrators
Sitecore Client Users
sitecore\Sitecore Client Translating
-
Sitecore Client Users
sitecore\Sitecore Client Users
-
All Other Groups

Ex: A normal content author should be at least a member of Sitecore Client Authoring group.



Access Levels of each Group – Ref: Link

     1.    Everyone

             Applications:
§  Content Editor
§  Media Library
§  WebEdit
§  Preview
§  Carousel
§  Recycle Bin
§  Search
§  Workbox
§  Control Panel

Content Editor Commands
·  Navigate
·  Review
·  Versions
·  View

Control Panel Commands
·  Administration
·  Preferences
·  Reports


     2.    Sitecore Client Users

Every User who wants to login using LDAP or Single Sign On has to be a member of this group. If not, LDAP login will not allow the user to login.

Cannot log in: The user '<DOMAIN>\<USERNAME>' is not a member of the 'sitecore\Sitecore Client Users' role

     3.    Sitecore Client Authoring

This is the basic role for a user to author in the site.

            Access to:
·  The Home tab, all chunks and commands.
·  The Review tab, Validate and Workflow chunks.
·  The Publish tab, Restrictions chunk.
·  The Versions tab, Versions chunk.

     4.    Sitecore Client Configuring

Access to:
·  Change the appearance
·  Configure tab to the Content Editor

     5.    Sitecore Client Maintaining

This role is for the Sitecore developer. Almost like second higher level access after Admin role

Application Access:
§  Template Manager
§  Development Tools
§  Reporting Tools
§  All Applications

Content Editor Commands
§  Versions tab Reset command
§  Configure tab Change Template and Edit Template
§  Presentation

Control Panel Commands
§  Administration
§  Database
§  Globalization
§  Reports

     6.    Sitecore Client Publishing

This role provides access to trigger publishing. This enables the publish chunks in publish tab in the content tree.

     7.    Sitecore Client Account Managing

Sitecore Client Account Managing provides access to applications used to maintain users, roles, and domains.

     8.    Sitecore Client Designing

Sitecore Client Designing provides access to the Page Editor Design Pane features.

     9.    Sitecore Client Translating

Provides access to languages other than site’s default language.

Content Editor Commands
§  Review
§  Versions

Control Panel
§  Reports

     10. Sitecore Client Securing

Provides access to maintain users, roles and access rights.

Application
§  Security Editor
§  Security Tools

            Content Editor
§  Security Tab

            Control Panel
§  User Manager
§  Create a new User

     11. Sitecore Client Developing
                       
Developer role needs other roles like
§  Sitecore Client Authoring
§  Sitecore Client Maintaining
§  Sitecore Client Configuring
§  Sitecore Client Securing

            Application
§  Developer Center
§  Debug
§  Development Tools

            Content Editor Commands
§  View chunk’s Hidden Items, Standard Fields, and Raw Values toggles

            Control Panel
§  Database

     12. Sitecore Client Forms Author

This role provides user to design web forms using web form for marketer’s module.


Recommended Roles and Access Levels

     1.    An Author:

An author is a person who does content changes, add a new version, configuring an item (ex: Icon to an item) and design forms using WFM.

Roles:
a.     Sitecore Client Users (Base to other roles.)
b.    Sitecore Client Authoring
c.     Sitecore Client Translating
d.    Sitecore Client Forms Author
e.     Sitecore Client Configuring
f.      Sitecore Client Designing – (Higher access to set layouts)

     2.    A Security Administrator:

A security admin is the one who does administrative tasks like adding a new user, providing access to Sitecore items, verify the user access levels etc.

Roles:
a.     Sitecore Client Users (Base to other roles.)
b.    Sitecore Client Securing
c.     Sitecore Client Account Managing

     3.    A Release manager:

A release manager is the one who takes care of deployments, manages the content tree. He is one who takes care of Package Installation and publishing.
(Facilitator, Gatekeeper, Architect, Coordinator)

Roles:
a.     Sitecore Client Users (Base to other roles.)
b.    Sitecore Client Maintaining
c.     Sitecore Client Publishing
d.    Sitecore Client Configuring

     4.    A developer:

A developer needs access to the developer specific functionality in the user interface.

Roles:
a.     Sitecore Client Users (Base to other roles.)
b.    Sitecore Client Developing
c.     Sitecore Client Maintaining
d.    Sitecore Client Designing
e.     Sitecore Client Configuring
f.      Sitecore Client Authoring
g.    Sitecore Client Translating
h.    Sitecore Client Forms Author
i.      Sitecore Client Securing – (Higher Access - Not recommended)

Comments