How to setup Multi-tenant environment in suite CRM using Security group

We can set up a multi- tenant environment in open source Suite CRM using security groups . In this tutorial , we will learn how to set up Suite CRM with multi tenant environment , We will create groups of users based on security groups and all users in same security groups will have their separatedata and users of other security groups will not be able to access said data such as leads, contacts etc .

Table of contents:

1). Users

  • create new users

2). Security groups

  • Create security group

  • Add users to security group

3). Role management

  • create role

  • Assign or set permission in role matrix

  • Assign role to individual users

  • Assign role to security groups

4). What permission need to setup multi tenant setup

1). USERS:

Regular users have access to their own user account details and can edit address details, set preferences, set up personal email and change their password. Regular users have not access to create new users and security groups.

Steps for see users list:

  • Open the Administration panel and click on Admin from the dropdown at the top right-hand of the SuiteCRM screen.

  • Then select user management and click on it.

 

 

 

 

 

 
 
 
 

After clicking on user management users list page open where admin can see the list of all users.

 

Create new user:

Select create new user from the slide bar and click on

ICTCRM2

  • after that Create user page will open and then add required information in tabs such as user profile tab, password tab,advance tab and layout options.

User profile Tab:

  • in user profile tab enter user name, user’s first and last name.

  • Set account status active/inactive

  • Select user type as regular user/administrator.

  • Set two factor authentication(optional) if required for secure the account.

ICTCRM3

 

  • Add email address that is used to generated email such as workflow notification and record assignments.

ICTCRM4

 

password tab:

  • Enter the password in new password field

  • Enter the password again in confirm password field

ICTCRM5

 

Advance tab:

  • set local setting such as date format, time format, time zone, and Currency

  • then enter publish key in Calendar option setting to serch user location and iCAl integration

URL

ICTCRM6

2. Security groups:

Security groups allow you to define groups of user with particular access rights defined by the roles attached to the group. Groups can also be used to assign records to teams of users.

Key steps to setting up groups:

1. Create a group for each team of users and add the appropriate users to that group.

2.Create a role and select the access levels and permissions. Assign that role to each group.

Create security group:

  • open the administration panel and select the security suite group management and click.

ICTCRM7

 

Then select Create security group from side bar and click on it.

ICTCRM8

after that create page will open and then put requirement information in boxes

  • Enter name of group and select Assign to: admin/user

  • check or not checked the not inheritable box if require and in last click on save button

ICTCRM9

NOTE: if you checked the not inheritable box then group will not automatically attached to any record.

Add User in Security group:

  • Open the admin panel and select security group management and click as describe above.

  • Then select the security in which you want to add user and click.

ICTCRM10

 

Then click on select button in USER portion of this page.

ICTCRM11

After click on search select the user that you want to add and click on it.

Add role in security group:

  • Open the admin panel and select security group management and click as describe above.

  • Then select the security group in which you want to add user and click.

ICTCRM10

Then click on select button in Role section of this page.

ICTCRM12

    • then select the role that you want to add in this group and click on that.

  2. Role Management:

Roles are used to define access rights to modules and determine what a user can do with a record once they have access to it.

Create a role to define access to modules and the functions users will be able to perform on records within these modules. The role can then be assigned to security groups or to individual users where appropriate.

Create Role:

  • Open administration panel and select the role management and click on it.

ICTCRM13

  • Select create role and click on it:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Create page will open then enter title and description in required fileds and click on save button.

CREATE Roles ICTCRM

Instruction to Set permissions for multi-tenants Users:

Once the role has been created, the role matrix will be displayed, showing all the configurable access options for each module.

 

Click on a cell to change the access setting. you can change the setting for an entire column by clicking on the column heading.

Roles and Security Groups SuiteCRM Documentation

Set Permissions for Multi Tenants Users:

If users should only see their records then the role you would assign to them or their group would be set permission as Owner rights.

Or if a user that is head of security group would see records of all users of group would be set permission as Group rights.

Steps for Set Permission:

as an example only set permission for contacts.

For Contact module:

  • Select the contact module from role matrix.

  • Enable The Access cell of Contact module (User has access to this module by enable it).

  • Set the Delete cell as “Owner” ( user can only delete his records).

  • Set the Edit cell as “Owner” (user can only edit his records or data).

  • Set the Export cell as “Owner’ (user can only export his record or data).

  • Set the Import cell as “all/not set/none”.

    1. if set the import cell as “All” user can import data of all users

    1. if set the permission as “not set” user can import data as defult permissions.

    1. if set the permission as “none” user cannot import data.

  • Set the List cell as “owner” (user can see only list of his records and data.

  • Set the mass update cell as “all/not set/none”.

  • Set the View cell as “Owner” (user can only view his records and data such as contacts, documents and so on.

Users Roles ICTCRM

 

Assign this Role to users:

open the administration panel and select role management and click on it

  • select the List Roles from sidebar and click on it

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  • after that select users role that we create above and click on it.

Roles ICTCRM

after that role matrix page open then click on select button from Users section on bottom of page

  • after that select the users for assign this role.

Users Roles ICTCRM2

Assign This Role to Security groups:

  • open the administration panel and select role management and click on it

  • select the List Roles from sidebar and click on it

  • after that select users role that we create above and click on it.

  • after that role matrix page open then click on select button from security group management section/menu on bottom of page.

Users Roles ICTCRM3

After that select the groups for assign this role to them.

Bookmark/Search this post with
  • Facebook logo
  • Twitter logo
  • Technorati logo
  • del.icio.us logo
  • Digg logo