Group Types

Following 3 types of groups are available in DOX:

- Built-in group

There are 3 built-in groups.
Although members and roles of each built-in group can be modified, group itself cannot be deleted.

Type Description

managers This group has all the roles assigned. Group members are registered as administrative users through "IIJ Service Online". Please refer to “IIJ Service Online” on account registration.

administrators This group has all the roles except for “Manage Account” role.

users This group does not have any role and may only access files. Accounts registered as non-administrative users through "IIJ Service Online" are automatically registered as members of this group.

- Pseudo group

There is only 1 type in pseudo group.
Neither its members nor roles can be modified. All accounts belong to this group.

Type Description

everyone This group does not have any role.
All accounts belong to this group.

This group is useful in providing "Read/Write" access to all accounts through the use of proper access control. Use access control and grant "everyone" group “Read/Write” access. Because access to the group space is limited to group members, "Read/Write" access is provided to all members. See "Access Control Setting" for more information on access control.

- User group

User groups can be created, modified and deleted as needed. There is no restriction in assigning group name, members and roles.

- Aggregate rights of groups

Account can belong to multiple groups.
If an account belongs to multiple groups with conflicting access rights and roles, the account will have the aggregate of all rights and roles combined.
For example, in the figure below, Account X will have access rights and roles aggregated from those of both Group A and Group B. Authorized role takes precedence to no role, whereas "Read/Write" takes precedence in case of access control.
Also, although roles are set by group, these roles are not limited to the group space only, and apply to DOX as a whole.

o: Authorized x: Not authorized

- Role types

Following 6 types of roles can be assigned to each group.

Term Description

Publish Onetime URL Can publish Onetime URL.
See “Publish Onetime URL” and“Set Actions when Uploading Files”for more details.

Manage Onetime URL Can confirm Onetime URL’s validity, stop publishing Onetime URL and view access logs.
See “Manage Onetime URL” for more details.

Account Can only be granted when creating a new user from IIJ Service Online.
See "Account Management" for more details.

Group Can create, modify and delete group and group space.
See “Manage Group ”and/or“Manage Group Space ” for more details.

Access Can set, change and delete access control settings. Accounts with this role can access all folders in common space regardless of folders' access control settings. They can also access all folders in the group space provided they are a member of that group. See “Access Control Setting ” for more information on how to modify access control settings.

Log Can view access and operation logs in DOX.
See “View Access Logs”for more information.

Manage Mail Able to manage mails sent by all users.
Please refer to the “Mail Administrator ” for more details.

Use Mail Can use mail. See "Use Mail" for more details.

Type	Description
managers	This group has all the roles assigned. Group members are registered as administrative users through "IIJ Service Online". Please refer to “IIJ Service Online” on account registration.
administrators	This group has all the roles except for “Manage Account” role.
users	This group does not have any role and may only access files. Accounts registered as non-administrative users through "IIJ Service Online" are automatically registered as members of this group.

Type	Description
everyone	This group does not have any role. All accounts belong to this group.

Term	Description
Publish Onetime URL	Can publish Onetime URL. See “Publish Onetime URL” and“Set Actions when Uploading Files”for more details.
Manage Onetime URL	Can confirm Onetime URL’s validity, stop publishing Onetime URL and view access logs. See “Manage Onetime URL” for more details.
Account	Can only be granted when creating a new user from IIJ Service Online. See "Account Management" for more details.
Group	Can create, modify and delete group and group space. See “Manage Group ”and/or“Manage Group Space ” for more details.
Access	Can set, change and delete access control settings. Accounts with this role can access all folders in common space regardless of folders' access control settings. They can also access all folders in the group space provided they are a member of that group. See “Access Control Setting ” for more information on how to modify access control settings.
Log	Can view access and operation logs in DOX. See “View Access Logs”for more information.
Manage Mail	Able to manage mails sent by all users. Please refer to the “Mail Administrator ” for more details.
Use Mail	Can use mail. See "Use Mail" for more details.