Skip to main content

Permissions And Security

ArkBox is designed around authenticated access, role-based permissions, controlled sharing, and audit-friendly activity review.

Access Model

Permissions can come from direct roles and from group memberships.

LayerPurpose
UserThe individual account used to sign in.
GroupA collection of users, usually based on team, department, project, or directory membership.
RoleA named permission set, such as Admin, Project Manager, Viewer, or HR Manager.
PermissionA specific ability to view a page or perform an action.

Why Users See Different Screens

Two users may see different navigation items, pages, fields, and row actions because ArkBox filters the interface by permission. This is expected behavior.

When troubleshooting access, check:

  • Whether the user account is active.
  • Whether the user has the expected role.
  • Whether the user belongs to the expected groups.
  • Whether the role includes the required permission.
  • Whether the module depends on additional settings, such as LDAP, SMTP, RemoteOps, or vault share configuration.

Vault Security

ArkBox Vault shares are not exposed by default. An administrator must intentionally create a share from an agent path, assign groups, and select allowed actions.

Use the least-permission model:

  • Grant read-only access when users only need to inspect files.
  • Add download access only when users need local copies.
  • Add write access only for teams that must upload or modify files.
  • Add delete access only when the team workflow truly requires it.

Authentication Notes

ArkBox can support local accounts and LDAP-backed directory accounts, depending on system configuration.

Good authentication practices:

  • Disable accounts when users no longer need access.
  • Prefer group-based role assignment where practical.
  • Test LDAP before enabling it for production users.
  • Ask users to log out after password changes or shared-device sessions.

Audit And Logs

The Log Viewer helps administrators review activity, errors, warnings, user actions, IP addresses, and status changes.

Use logs when investigating:

  • Failed sign-ins.
  • Permission questions.
  • Missing or failed backups.
  • SMTP delivery issues.
  • Unexpected user or system activity.