Content Manager OnDemand provides the ability to centralize or decentralize the administration
of the system. A centralized environment means that one type of user, a system
administrator, controls the creation and access to all of the objects defined
on the system. A decentralized environment means that the tasks of the system
administrator are divided and assigned to other users. The responsibilities
of the other users may vary from user administration, group administration,
application group administration, folder administration, or any combination
of the administrative tasks.
The decision to centralize or decentralize the administration of the system
should be made before objects are added to the system. While the decision
is reversible, the amount of work required to change from one type of administration
to the other can be significant if a large number of users, groups, folders,
and application groups have already been added.
There are many ways to decentralize the administration of the system, because
of the various user types and the additional authority levels that can be
specified for users. Two specific models will be discussed in this section:
the Object Type model and the Object Owner model.
- In the Object Type model, all of the objects on the system are logically
grouped into administrative domains according to the type of the object. The
administrator of a domain maintains all of the objects within the domain.
For example, an application group/folder/cabinet administrator
maintains all of the application, application group, folder, and cabinet objects
on the system.
- In the Object Owner model, the objects on the system are logically grouped
into administrative domains according to the creator/owner of the object.
An administrator maintains only the objects that they create. For example,
a user with create application groups and create folders authority can maintain
only the applications, application groups, and folders that they created.
The Object Owner model can be used to separate the objects on the system into
logical parts, such as a department, a company, or some other entity. Each
part is independent of the other and should be maintained separately. Each
part typically requires two administrative users. One user has the responsibility
for creating and maintaining users and groups. The other user has the responsibility
for creating and maintaining applications, application groups, and folders.
However, you can also define one user with the authority to create and maintain
users, groups, applications, application groups, and folders. In effect, the
one user would be the system administrator for a logical part of the system.