Security Overview
ChangeMan ZDD has built-in security features, primarily designed for multiuser Windows Server environments. In such an environment, you have many users sharing the same physical machine.
These security features allow a ChangeMan ZDD administrator to control a user’s access to various functionality in the product.
Certain parts of the ChangeMan ZDD configuration settings are system-wide, and shared by all users. Changing system-wide settings should be restricted to ChangeMan ZDD administrators. System-wide settings include the following:
-
Server definitions
-
ChangeMan instance definitions
-
Mappings for file types and file extensions
-
Cache, network, and code page settings
Most other settings such as filters, user-defined folders, text editor settings, etc. are user- specific, and not restricted by security controls.
A ChangeMan ZDD administrator can restrict the following:
-
Which users can use the product
-
Which users can update system-wide configuration settings
-
Which users can access a server
-
Which users can access a ChangeMan instance
If a property page contains items that only administrators can change, those fields will be display only, unless you are a ZDD administrator.
Those menu commands that require the ZDD administrator privilege will only appear on the menus of administrators. This includes commands that add or delete servers or ChangeMan instances.
A user will only see those servers and ChangeMan instances for which he has permission to access. All others are hidden.
If a user does not have permission to use the product at all, the ZDD Network is not present in the File Explorer or Desktop, and the ChangeMan ZDD shortcuts will not appear in the Start Menu. You can only restrict people from using the product if you install ChangeMan ZDD as a per-user product installation. See the next section for details on per-user product installations.
These security controls also apply to the COM and .NET programming/scripting interfaces.