Server Policies  Default Database Permissions

In this tab, you can define permissions which will be applied to all standard databases on the server. You can choose from the following options:

  • Undefined (neutral): When setting a permission to Undefined, you can still change its state for individual users and databases in the database permissions afterwards.
  • Enabled (allowed): By default, the corresponding permission will be activated for all databases and users available on the server. However, you can still change its state for single users and databases in the database permissions afterwards.
  • Disabled (not allowed): This state is the most restrictive. If you choose it, the corresponding permission will be disabled for all users and databases on the server. You cannot enable it for individual users and databases in the database permissions afterwards.

By default, all permissions are set to Undefined or Enabled, which means that these permissions are either enabled or undefined for all users on the server. Any permissions set to Undefined or Enabled can be changed to another state later, either at database level or for single folders and entries within a database. However, this is not possible if you disable the permissions in the server policies, since this state is the most restrictive and cannot be enabled at database level or for single folders and entries afterwards. Therefore, you should only use the Disabled state for permissions in the server policies if a specific permission should be deactivated on the entire server and disabled for all server users.

Available Permissions

The following permissions can be configured in this tab:

  • Read entries – View and read entries in the database.
  • Modify entries – Edit existing entries.
  • Add entries – Add new entries to the database.
  • Delete entries – Remove entries from the database.
  • Use the function "Auto-Complete" – Automatically fill credentials into applications and websites.
  • Auto-fill web forms using browser add-ons – Fill data via the browser add-on.
  • Accept new entries from browser add-ons – Display suggestions via the browser add-on.
  • Print entries – Print entries.
  • Export entries – Export entries from the database.
  • Save database locally – Database may be saved locally.
  • Synchronize database – Synchronize the database.
  • Share entries – Share entries with other users.
  • Seal entries – Seal entries to prevent unauthorized modifications.
  • Set second password – Use a second password to access entries.

EXAMPLE: Server users should not be allowed to export entries from server databases, thus this permission should not be activated on the server at all. It is helpful, in this case, to disable the corresponding permission in the server policies so that the state cannot be changed in the database permissions afterwards. This way, you can make sure that this option will not be available or displayed in the client at all.

HINT: In general, we recommend either choosing the state Undefined or Enabled in the Default Database Permissions tab, since rights management will be easier afterwards. This way, you can assign the rights more specifically and, most importantly, individually to single users and groups. Assigning individual permissions to users and groups is always done under Databases → Permissions.

NOTE: By clicking Restore default settings, you can reset the settings in the Default Database Permissions tab and thus discard changes.