Layer 2 adds in some further segregation for the institutions. Building on Layer 1 security, this layer requires the actual creation of an Institution Number(and descriptive Institution Name) that tie to the Institution # keyword values. These values are created in the Configuration module, by selecting Utils | Institution Names. Once the first Institution Number is created, OnBase immediately converts to a Layer 2 system.
A Layer 2 system requires that an Institution Number be assigned to each user account, and that this number correlates to the Institution # security keyword assigned to the user group that the user is a member of.
In order for security to be properly enforced in a Layer 2 system, the value for the Institution # security keyword on the user account and the Institution Number assigned to that same user account MUST correspond. The software does not restrict the super user from assigning any combination of security keyword and institution name configurations for a user account.
This layer provides:
Document segregation strictly through the use of the security keywords. As users access documents from document types that have an Institution # keyword assigned, they will only see the documents whose institution-specific keyword value is the same as their security keyword value.
The ability to specify overlays according to institution on your document types
The ability to segregate configuration information according to institution in the Document Distribution module.
The ability to apply institution-specific Records Management settings to a managed Folder Type.
The use of an institutional super user. The super user is granted privileges to perform any configuration of institutional-based data. In layer two, an institutional super user is a user account with 99 assigned as their institution number. When accessing dialog boxes that incorporate Institution Number or Institution Name, these users are offered the choice of any configured institution.
Super users are the only users that are permitted to promote a user to the super user level.
It is recommended that the institutional super users not be placed in any groups that are limited with Institution # security keywords. This may only impede the performance of their queries without providing any value or restrict them from seeing documents that they may need to access. These users are intended to access all documents within the document types that they may access regardless of institution. Other security keywords will take effect if they are implemented.