Limiting Access to Business Desk Modules
You can prevent specific users from accessing particular Commerce Server Business Desk modules. You do this by setting access control entries (ACEs) on Business Desk ASP files. Each Business Desk module has a main ASP file that is checked for ACEs before it is added to the Business Desk navigation pane. If the logged-in user running Business Desk does not have Read permission on the main ASP file for that module, the module will not be exposed in the navigation pane for that user.
To limit access to Business Desk modules
In Windows Explorer, navigate to the folder that contains your Business Desk application files.
This is the folder that hosts your IIS Web site. By default, this folder resides in the Inetpub\wwwroot folder.
Click the folder that contains the module you want to limit access to.
Using the information in the following table, right-click the name of the files that correspond to the module you want to limit access to. Then click Properties.
Click the Security tab.
On the Security tab, you can manage the ACEs contained in the access control list (ACL) of that file.
The following table shows the files on which you can set ACEs for each Business Desk module.
To control access to this category/module Set an ACE on this ASP file Analysis/Reports Analysis\Analysis_reports.asp Analysis/Completed Reports Analysis\Analysis_report_viewer.asp Analysis/Segment Viewer Segviewer\Modellist.asp Campaigns/Campaign Manager Marketing\Cmanager.asp Campaigns/List Manager Marketing\Listmanager.asp Campaigns/Campaign Expressions Marketing\Targetexpr.asp Campaigns/Target Group Marketing\Target_group.asp Campaigns/Reference Tables Marketing\Reftable.asp Campaigns/Publish Campaigns Productionrefresh\refresh.asp Catalogs/Catalog Designer Catalogs\Designer\List_categorydefinitions.asp Catalogs/Catalog Editor Catalogs\Editor\List_catalogs.asp Catalogs/Catalog Sets Catalogsets\Catalogsets_list.asp Orders/Basket Manager Orders\Basket_list.asp Orders/Data Codes Application\Datacodes_list.asp Orders/Order Status Orders\Orderstatus_list.asp Orders/Publish Transactions Productionrefresh\refresh.asp Orders/Shipping Methods Shipping\Shipping_list.asp Orders/Tax Rates Tax\Regionaltax.asp Users/Users Users\Registered.asp Users/Organizations Organizations\Orgs.asp Users/Profile Designer Profiles\Profileselector.asp Users/Site Terms Editor Profiles\Profileeditor.asp Users/Publish Profiles Profiles\Refreshprofilesvcall.asp
Notes
If an individual user and the Authenticated Users group have access to a Commerce Server Business Desk module, and you take permission away from the individual user, restart the client computer in order to redraw the navigation bar, so the modules the user has permissions to use are refreshed in the navigation bar.
If you include an ACE for the Administrator account, you must also grant permissions to the Everyone group. The exact set of permissions is not significant, but the Everyone group must be present in the list of users and groups. If the Everyone group does not have permissions to a Business Desk module, an administrator will not be able to access that module.
If you secure one of the following modules, all three of them are secured by default: Publish Profiles, Publish Campaigns, and Publish Transactions.