Setting up your Group-Office environment starts with setting up modules, users, groups and permissions. This page will give you an example of what we think is the perfect Group-Office setup for companies that want to take full advantage of all Group-Office features for office use. The right order of setting up should be:
It's important that you use this account only for administrative purposes. We strongly advise you not to use this account as a regular user for safety and usability reasons. Basically use the administrator account only for:
Global shared items
It's very important that you create global shared items as an administrator so you will avoid the following scenario:
User 1 creates an address book and projects. This user shares these items with everybody. Everybody uses those items. Now User 1 no longer works at your company. Time to remove the user account. Oops! The projects and his address book are gone too!
Installing modules can be done from Start menu -> Modules
All installed modules are listed there and you can reorder them with drag and drop. This is also the order in the Group-Office interface.
After installing a module the permission dialog pops up.
It's advised to give user groups access to modules rather than individual users. This way you can manage module access easier. You'll just have to add the new user to the right group. When a user has access to a module by a user group, the access checkbox will be greyed out. In most cases you should give users only "Usage" access to modules. The difference between Usage and Manage permissions on module are described in the table below.
In general users with manage permissions have access to the administration dialog of the module. Additional functions with "Manage" permissions are listed here:
|Module||Extra privileges with manage permissions|
|Summary||Manage announcements on the right side of the screen|
|Edit and add account settings|
|Projects||Adding projects in the root level|
|Users||Only give this permission to admins, as currently both "use" and "manage" allows to change anything on each user|
The first thing you need to do is create user groups for your company. Permissions are much easier to handle with groups then with individual users. When you grant the secretary access to all calendars as a user it will be a painful job to reset all permissions to another user when a new secretary joins the company. If you had done it with a group you could simply add the new employee to the secretary user group. So choose your groups wise with user permissions in mind. For example create:
On the "Manage permissions" tab you can control who may use this group for sharing items. By default the group itself is added so that every member may use the group.
A quick way of setting all the allowed modules for this user group.
A few special groups are created by default:
Admins: Users of this group will have permission to everything. Usually you don't want to add any user to this group. See above.
Everyone: All users are in this group. Use carefully when granting permissions to this group.
Internal: All calendars, address books and task lists are shared to this group with write access by default. New company users are commonly added to this group. It should contain all company users and not your customers. If you don't want to use this feature you may remove this group.
Many items in Group-Office are protected with permissions. For example address books, task lists, calendars, Note categories, Billing books and project types have access control. When you setup permissions you can add user groups and users to the access control list. There are different levels of permission:
|Read only||All items are read only|
|Create||Users may create new items but can't change them afterwards.|
|Write||Full write access|
|Delete||Delete is allowed|
|Manage||The user can do everything and can also change the permissions.|
When you add a new user or group it has read permission by default. You can change the level by clicking it in the grid. See the screenshot below.
Now that we've got the groups set up it's time to add the users. You can do this at:
Start menu -> Users -> Add
Fill in the profile fields. Mandatory are First name, Last name, Username, Password and e-mail. Make sure you setup the right regional settings for the users. The timezone is particularly important because events will shift if you change this setting later on.
Also pay attention to the "Permissions" tab. If you've setup the user groups correctly it should be a matter of adding this user to the right user group.
It's advised to give user groups access to modules rather than individual users. This way you can manage module access easier. You'll just have to add the new user to the right group.
Greyed out checkbox?
When a user has access to a module by a user group, the access checkbox will be greyed out
The second column controls the user groups the user is a member of. You can also manage the members of a group at Start menu -> Groups -> Double click the group
The last column controls which users groups are allowed to see this user. Users that are not in one of the checked groups will never be able to share items with this user.
New users can be made visible upon creation to a specific group by default. In your config.php file there is the following option: $config['register_visible_user_groups'] = 'Everyone'; You can change this option to make new users visible to a different- or multiple groups. Comma separated for multiple groups (eg. 'Everyone,Internal')
Sharing items in Group-Office works similar for every module.
To share an address book for example go to:
Address book -> Administration -> Double click address book -> Permissions
Here you can add the users and user groups you want to grant access. Read more about managing permissions here.
Global address book
If you want to create a global shared address book it is recommended to add this address book as the "admin" user so it won't be deleted along with a regular user when this employee leaves the company for example.
When sharing items we recommend that you use user groups rather than individual users because it makes permission management much easier.
The same logic applies for: