Prerequisites

  • To have the permission Users administrator

To access the users and groups management, click on Lena's icon in your task bar and then click on :

Users Management

To manage users, click on the corresponding icon in the side-left menu :

Here you have access to the following actions:

  • Create a new user
  • Search a specific user among existing users
  • Manage an existing user

For each user, the existing users list shows from left to right:

  • its username
  • its email address
  • an overview of its permissions
  • the groups it belongs to
  • if the Sing Sign On is activated, its status (configured or not) for this user

For the permissions' overview, it is possible to know the meaning of each icon by hovering the mouse pointer on it. For each icon:

  • The colors shows if the permission is granted or not to the user (green for granted, red for denied).
  • A vivid color tells that the permission is explicitly set for this user, a pale color tells that it derives from a group to which the user belongs to.

NB

If Single Sign On is used in your organization, you will not be able to create new users, those can only be created by the identity supplier of your organization.

Modify an existing user

To modify an existing user, click on the left-most pencil icon on the user's row (use the right-most trash icon to delete it):


The left-most icon cancels the modifications and the right-most saves them. Besides, it is possible from left to right to:

  • modify the username
  • modify the user email address
  • send to the user a password reset email
  • modify the user's permissions
  • modify the groups the user belongs to
  • revoke the link between a Lena user and an Active Directory user when SSO is activated


Clicking on the permissions overview shows the full view that is used to configure them one by one (for a detailed list see here under. For each permission it is possible to set it as:

  • : the permission is denied to the user.
  • : the permission is not explicitly set for the user but derives from the groups to which the user belongs.
  • : the permission is denied to the user.

The right-most column shows the resulting permission (Allow ou Deny).

NB

Regarding permissions' hierarchy :
  • If a user belongs to several groups with conflicting permissions (some groups set the permission to Allow, others to Deny), the more restrictive rule will prevail (thus Deny).
  • Permissions set on the user prevail over those set on the groups he/she belongs to because they are more specific.

Click on the existing groups list to modify it: click on the icon on the left of a group to delete this user from the group and start typing the name of a group in the Add user field to add this user to the group.

Permissions list

The permissions you can grant or refuse to grant to an user are the following :

  • Synchronization: defines in which extent a user can keep a local copy of Lena data on his/her computer ((data is encrypted, thus unreadable should the computer be lost/stolen) to improve performances and enable offline usage.
    • Can access recent items offline: permission to store locally files recently used.
    • Can synchronize offline folders: permission to make a folder available offline.
    • … even protected folders: extends the prior permission to protected folders.
  • Sharing: protections related to documents shares with external users.
    • Share files: permission to create sharing links for external users.
    • … even in protected folders: extends the prior permission to [protect|protected files/folders]].
    • Can create extranet folders: permission to create a permanent access to a file/folder for external users.
    • Can invite people in extranet folders: permission to grant access to new external users for a previously created extranet (accessible only to users having the previous permission).
  • Critical permissions: gathers the most sensitive permissions.
    • Drives administrator: permission to manage drives (creation, deletion…).
    • Users administrator: permission to manage users and groups of users (creation/modification/deletion)
    • Manage access matrix: permission to manage access rights through the access matrix.
    • Full adminstrative privileges: grants all the administrative permissions.
    • Can use login/password to bypass SSO : for companies using SSO, permission to login with an username/password as well to access Lena outside the company.

Modify an existing group

To modify an existing user, click on the left-most icon on the group row ( icon to delete it).


The left-most icon cancels modifications and the right-most icon saves them. Besides, it is possible from left to right to:

  • modify the group name
  • modify the group permissions
  • modify the users list of the group


The groups permissions work the same way as the users permissions, see Modify an existing user and Permissions list.

Click on the users list of a group to modify it: click on the icon on the left of a user to remove it from the group and type a username in the Add user field to add this user to the group.