Login
    Contents x
    Partitioning options
    • 24 Nov 2022
    • 1 Minute to read
    • Contributors
    • Print
    • Dark
      Light
    • PDF
    Contents

    Partitioning options

    • Updated on 24 Nov 2022
    • 1 Minute to read
    • Contributors
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Constellio allows you to restrict access by compartmentalizing tools, users/groups, accesses and content. This can be used to manage multiple organizations/sub-organizations. Here are different approaches and their advantages and limitations.

    These points are indicative, it is important to confirm with the Constellio team your need.

    Environment

    It is possible to use environments with separate servers, i.e. complete duplication of resources.

    Benefits:

    • Complete isolation of tools, access, configurations and content.
      • Including physical separation of data and access at the operating system level.
    • Allows you to manage different versions of Constellio between environments with different plugins.

    Limitations:

    • Requires additional resources (servers, storage, etc.)
    • Requires additional maintenance (updating, monitoring, etc.)

    Supporter

    Constellio supports hosting multiple tenants in the same environment.

    Advantages :

    • Supports complete isolation of tools (including system tools), user/groups, access and content.
      • Including system configurations (e.g. downgrade)
    • Tenants can have different plugins
    • Pools resources (servers, processes/cpu)
    • Configurations, storage mount points are dedicated per tenant
      • Different ways can be used per tenant, but the application server uses only one service account (operating system) to access it.
    • Each tenant can have a dedicated LDAP configuration

    Limitations 

    • Requires the same version of Constellio for all tenants in the environment
    • Maintenance (update, restart, etc.) impacts all tenants
    • Requires scripts for creating new tenants (no interface)
      • However, the tools will evolve in the coming year

    Collection

    See the article "Collections".

    Benefits: 

    • Allows you to manage the main tools (plan, calendar, units) isolated from other collections
    • Manage access and roles for users/groups in the collection
    • Collections can have different modules
    • The creation of collections is entirely managed by the interface

    Limitations: 

    • System-level configurations are applied to all collections (e.g. decommissioning is shared among all tenants)
    • A single LDAP configuration for all collections where users and groups are synchronized (or not) in a collection. *You can manually add a user or group to a collection.
    • Managing roles in a collection allows you to give system permissions
    • Requires a system-wide administrator (admin) who can have access to all collections.

    Administrative unit

    See the article "Administrative units".

    Benefits: 

    • Allows you to manage permissions for users/groups in the unit
    • Allows you to assign a role for unit (limiting permissions and scope)

    Limitations: 

    • The unit's steering functions are more limited
    • The collection administrator can have access to all units


    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout