How to Properly Use Access Plans, User Groups, and Tokens
ID: Q163258
The information in this article applies to:
- Microsoft Commercial Internet Server, version 1.0
SUMMARY
This article provides some general guidelines for the proper use of access
plans, user groups, and tokens.
MORE INFORMATION
There is a misconception about the association between access plans and
tokens that must be clarified. A section of the documentation discusses
access plans as owning not only users, but also having lists of tokens
associated with the access plan, so the users would inherit the tokens. The
SQL system is structured so this inheritance can occur, but it's not
recommended, in part because of changes to the schema coming in
Microsoft Commercial Internet Server (MCIS) 2.0, and in part because this
is not the intended use.
To use each of the two "group" schemas (access plans and user groups), keep
in mind the following guidelines:
- Use access plans to group users for billing purposes only. Third-party
billing systems (or your own custom code) can take this user-to-access
plan association for different levels ($) of memberships (such as
youth, standard, premium, and so on).
- Use user groups to group users into logical associations for tokens
(such as a "pets" token for pet content, or a "cooking" token for
cooking content). Users become members of the user groups, and the
groups have their specific token(s) assigned to them, which in turn
provides the user with access to the token.
- Do not assign tokens to users directly, except perhaps for test
purposes or in very special (one-use only) cases. Even for groups like
"administrators," you should create an administrators group, and
associate access for control areas (such as the sysadmin scripts) to
this group only.
In this way, you can use association with an access plan for billing,
and association with user groups for access and security.
Keywords : kbusage kbother
Version : 1.00
Platform : WINDOWS
Issue type : kbinfo
Last Reviewed: January 28, 1998