New User Default Rights [hack]

[Chiramisu]

Hello all. I recently ran into this issue when adding a new user in Vault 6.1.0 and thought I'd share my solution with the community. This solution requires access to the web server where Vault is hosted.

A couple weeks ago I was requested to give access to Vault to a new employee. I was very busy at the time and added him quickly. Just today I discovered that I accidentally added that user with Default Rights of RCA. Since his user group restricted him to only a couple repositories and folder security is also implemented, I think it was of non-affect (per the KB Topic: Security Settings Examples), but I still found it a bit troubling to show him with RCA right when the only user I have set for that is the default Admin user.

To prevent this in the future, I was fortunately able to find that the \VaultService\Admin\User.aspx page had the default selection right there in the markup. Under the dropdown control "DropDownListDefaultSCCRights" I simply moved the "Selected="true"" attribute to the "None" list item. Now whenever I create a new user, I don't have to worry about forgetting to set this.

I Hope someone finds this useful, and I hope the admins don't mind me sharing this here.

[Beth]

I haven't tested this out, so I can't confirm anything with it. I have no problems with users trying that.

For users that use this hack, if any issues arise, please mention that this hack was used so that I don't spend hours of your time going down the wrong path.

Another option is to set the default rights for each of your repositories to none. That will trump the user's default rights. The user's default rights would then only come into play on repositories where the default access is to have access.

Then you could create groups and give the groups access to certain repositories and folders, then add the users to the groups.