Organizing your team
The concept of users and groups has been implemented to manage who gets to see and perform certain actions. A user needs to be part of at least one user group but can be assigned to as many user groups as you like. For each user group, you can control what the users in this group may see and do. We call this concept permissions.
There are multiple ways in which you can decide on user groups. The two most common ways are:
- Based on the function within the company
- Based on permissions in Kadanza
1. Based on the function within the company
Most companies are structured in different departments or teams. People who are part of these departments or teams often have the same permissions.
For example: let’s assume we set up Kadanza for a packaging company specialized in creating cardboard boxes.
The teams could be:
- Management: People focus on the company’s day-to-day management, finances,…
- Marketing: Everybody working on marketing, communication, sales,…
- Design: The people that design the new cardboard boxes and communication materials for the marketing team.
- Production: Everybody in the factory who makes sure the boxes are created, packaged,…
The user groups created for this company would then be:
As a marketing employee, I am in the user group “Marketing”, as a production employee, I am in the user group “Production”, and so on. You could decide to create a user group for each team listed above. This provides a clear structure that is aligned with your company structure. If your company has an Active Directory (AD) in which all user accounts are managed, a structure like the one above has probably already been set up for user management.
2. Based on permissions in Kadanza
Another way of creating user groups is by starting from your permissions scheme. In this way, you can easily see which user has which permission(s). The downside of this approach is that this structure does not match most AD setups, which means that your IT department will have to add every user to the correct group(s) to ensure they have the correct permission in Kadanza. If you are connected via Single Sign-On (SSO) to other platforms, chances are high those platforms have different permissions, structures… making the number of different user groups unclear in your AD.
For example: let’s use the same teams from the packaging company in the previous example.
The user groups created for this company could be:
- Basic user: Has access to a limited set of pages and Assets categories.
- Advanced user: Has access to all pages and categories.
- Upload: Can upload, edit and delete assets.
- Download: Can download assets.
As a Marketing employee, I am in the groups “Advanced user”, “Upload” and “Download”. As a Production employee, I am in the groups “Basic user” and “Download”
From our experience, a combination of both function and permission-based configurations works best for most of our customers and ensures every possible scenario is covered.
When using Single Sign-On (SSO) to access Kadanza, the user groups are determined by your IT department. So be sure to discuss the options with your IT when SSO is required during the setup.