You are here: Administration > Security

Security

The security features control access to the media library and determine the level of access each user has. You create and manage user accounts in the User section, groups in the Groups section.

Security Settings

The following are the general MEDIAL security settings.

Allow Anonymous Access – If this is set to No, all content on the library is protected by a log-on screen. Enabling anonymous (guest) access allows administrators to assign public access to categories by giving the HMLGuest account rights to it.

Anonymous User – The anonymous user is called HMLGuest. The name is hardcoded into the system and cannot be changed.

Enable Secure Categories – If this setting is enabled, individual categories can be secured.

Allow Direct Access to Personal Category – When this setting is enabled, a user who doesn’t have upload rights to any categories can access a personal category.

Users

In the Users section, you can add, modify, and delete MEDIAL users.

Note: When users are authenticated using LDAP/Active Directory, you cannot add users to the system through the MEDIAL Users screen. Accounts are created for users when they successfully log in the first time using AD/LDAP. You can use the Users screen to view, but not to edit, the information populated by the directory services.

Adding Users

Clicking the Add New button brings up the Add User screen. Complete the form with the user’s details, supplying and confirming a password. In the list of groups, check the boxes to assign the user to at least one group. Click Save to save the user information.

Warning: A user must be a member of at least one group to be able to log in to the MEDIAL portal.

Groups

Groups are listed in the same way as users under the Groups accordion. Groups can be searched, edited, and deleted in the same way as users.

Click Edit next to a group to edit the group.

Group Details

You can change the following options under Details:

Group Name – Name of the group, which can be changed.

Note: When you use authentication directory services, the groups need to have the same name as the Organizational Units or Security Groups within your AD/LDAP infrastructure, depending on which is being used for authentication.

Administrator – Checking this box makes the group an administrative group. All users in the group will have full administrator rights to the library.

Upload Limit – Sets an upload limit on each group member. Once this limit is reached, the user cannot upload more content until they delete existing content or wait until the next calendar month, depending on the personal upload limit type in the system settings.

Tip: If a user is a member of multiple groups that have upload limits, the user's absolute upload limit is the aggregate value of the member group limits.

Group Access

The Group Access area lists the categories in the media library. You can give a group the following access to categories:

None – Group members cannot view or upload to this category.

View – Group members can play the media in the category but cannot upload content to the category.

View and Upload – Group members can view and upload media to the category.

View, Upload and Administer – Group members can view and upload media to the category. They can also delete clips in the category and edit the content of other users in the category. They may also move content to any of the other categories that they have administration privileges for.

For more information: Category administrators can manage content in their categories using the My Media area of their accounts.

Learning Tools Interoperability

The learning tools interoperability section allows MEDIAL to integrate with third-party learning tools such as Moodle and Blackboard. This section defines the information that MEDIAL uses to authenticate itself with the learning system. The same values must also be defined in the Moodle and Blackboard plugins. In the administrator settings area, you can also customize LTI global settings.

Key and SecretMEDIAL provides these credentials to the learning tool to access it. The same key and secret must also be entered in the Moodle or Blackboard interface.

The Access Level drop-down indicates the type of authentication used with the learning system:

None

LTI and AD/LDAP

LTI Only

AD/LDAP Only

Learning Tool Authentication Types

MEDIAL provides different ways for learning tool users to access the media library. It supports Learning Tool Interoperability (LTI), which is supported natively in the learning environments. If you are using AD/LDAP to authenticate MEDIAL users, you can use the AD/LDAP setup alone or in combination with LTI. The following sections describe these authentication methods.

Note: All types of authentication simply allow access to MEDIAL from within the learning tool. Once content is selected and subsequently displayed on the LMS Course page it is, in most cases, viewable by users with access to that Course Page. However if AD/LDAP is used for authentication and a user not registered with directory services tries to view the content, the access is denied.

 

 

Copyright © 2017 Streaming Ltd