Administering user permissions

You can assign permissions to Global Mailbox users to control the operations that users can perform on mailboxes.

User permissions are set for each mailbox for each Global Mailbox user. User permissions to a mailbox do not grant permissions to the submailboxes.

Users are not assigned permissions automatically. When a user is added to the Global Mailbox system, a Global Mailbox administrator can assign permissions to the user.

You can manage user permissions from either the Mailbox Explorer page or the User Explorer page of the Global Mailbox management tool:
  • From the User Explorer page, administrators can manage all Global Mailbox permissions for a specific Global Mailbox user.
  • From the Mailbox Explorer page, administrators can manage permissions for all Global Mailbox users that have permissions to a specific mailbox.

Application users cannot assign or remove permissions. Only Global Mailbox administrators can assign or remove permissions.

Each user can be assigned the following permissions for mailbox:
View this mailbox
The user can navigate to the mailbox and view all messages in the mailbox.
Create submailboxes
The user can create submailboxes within the mailbox.
Delete this mailbox
The user can delete the mailbox.
Create messages
The user can add messages to the mailbox.
Extract messages
The user can download all messages in the mailbox.
Delete messages
The user can delete messages in the mailbox.
Change properties
The user can change message extraction criteria for the mailbox.
Application permissions
Permissions that are defined in the application where the user is created.
For example, the EXECUTE permission for Sterling B2B Integrator is an application permission, which allows access to a virtual root.
Important: To create messages from Sterling B2B Integrator protocol adapters, the user must have all of the following permissions:
  • Create messages
  • Change properties

Global Mailbox administrators have all permissions. Administrator permissions cannot be changed. Because administrators have all mailbox permissions, administrator users are not displayed in the Add User Permission wizard.

Each user record is unique for the application where the user is created, and permissions are associated with this record. There can be multiple entries for a user, but each for different applications. These multiple entries are not associated with each other. Global Mailbox administrators do not have permissions records.