Hello,
I'm looking for a way to extract a list of users have admin rights on the vault. I didn't find an option for it when Exporting the list of users from M-Files admin.
Thanks.
Hello,
I'm looking for a way to extract a list of users have admin rights on the vault. I didn't find an option for it when Exporting the list of users from M-Files admin.
Thanks.
If you can't use the user group approach as suggested by Jan, here's a PowerShell script that may be useful. Replace the vault GUID on line 9 and comment / uncomment other lines as needed.
# Initialize PowerShell for M-Files [Reflection.Assembly]::LoadWithPartialName( "Interop.MFilesAPI" ) $mfserver = new-object MFilesAPI.MFilesServerApplicationClass # Connect to server $mfserver.Connect(1) ## UNCOMMENT THIS FOR SERVER USERS #$users = $mfserver.LoginAccountOperations.GetLoginAccounts() ## UNCOMMENT THESE FOR VAULT USERS $vault = $mfserver.LogInToVault("{6113C44B-8D6C-4243-ABCA-DAF32A02C786}") ## UNCOMMENT THIS TO GET VAULT USERS $users = $vault.UserOperations.GetUserAccounts(); ## UNCOMMENT THIS TO GET VAULT LOGINS (if vault level login accounts are in use) #$users = $vault.UserOperations.GetLoginAccounts(); foreach ($user in $users) { ## VAULT ROLES ## 0 None. ## 1 Full control of vault. ## 2 Can log into the vault. ## 4 Can create documents or other objects. ## 8 See and read all vault content (including deleted objects). ## 16 See and undelete deleted objects. ## 32 Destroy objects. ## 64 Force undo checkout. ## 128 Change permissions for all objects. ## 256 Change metadata structure. ## 512 Manage user accounts. ## 1024 Internal user (as opposed to external user). ## 2048 Can create and modify traditional folders. ## 3078 The default vault roles for a normal user. ## 4096 Manage templates (obsolete). ## 8192 Manage common views and notification rules. ## 16384 Manage workflows. ## 32768 Cannot manage private views and notification rules. ## 65536 Anonymous user. ## UNCOMMENT THESE TO CHECK VAULT LEVEL ROLES ## Change "-band 1" part to wanted shown level. Default shows People with Full control -access if( $user.VaultRoles -band 1) { Write-Output $user.LoginName $user.VaultRoles } ## SERVER ROLES ## 1 = Server Admin ## 2 = Vault creator ## 4 = Backup Operator ## 8 = Allows login to the server ## ## UNCOMMENT THESE TO CHECK SERVER LEVEL ROLES ##if( $user.ServerRoles -band 1) { ## Write-Output $user.AccountName $user.ServerRoles ##} ## LICENSE TYPES ## 1 = Named user license ## 2 = Concurrent user license ## 3 = Read-only license ## UNCOMMENT THIS TO GET USERS WITH CERTAIN LICENSE TYPE #if(($user.LicenseType -eq 1) ) { # Write-Output $user.UserName $user.LicenseType ## UNCOMMENT THESE TO SET LICENSE TYPE # $user.LicenseType = 3 # $mfserver.LoginAccountOperations.ModifyLoginAccount($user) #} }
Joonas, could you please enlighten us with a few details on how and where to run this script?
At least a username and a password must be provided somehow. And a connection to the server must be available.
I assume it must run on the M-Files server itself?
And perhaps username and password should be provided as parameters when starting the script?
Sorry, I don't have any additional information. I only found this script on the Consulting Wiki, haven't tried using it myself. But I think you may be right that it's expected to be run on the server since no credentials are given, unless if can somehow use the pre-defined vault connections on your computer.
Sorry, I don't have any additional information. I only found this script on the Consulting Wiki, haven't tried using it myself. But I think you may be right that it's expected to be run on the server since no credentials are given, unless if can somehow use the pre-defined vault connections on your computer.