Qbik Helpsys

Permission object ownership

The Permissions system allows for the concept of ownership on all permission objects registered by WinGate modules and components. Whenever a WinGate component creates and registers permission objects with the Permissions system, the default ownership of each permission object is assigned to the Administrators group, regardless of the user database being used by WinGate.

Create children permission

In the case where a user has permission to Create children in a parent container, then the ownership of the newly created child permissions object will be automatically assigned to the user or group who created it. For example, if a user has the permission to Create children (new policies) in the Policy module parent container, whenever they create a new policy, they are set as the owner of the associated policy permission object that is registered with the Permissions system.

Creator owner / Creator group

The Permissions system provides two aliased users, the Creator Owner, and Creator Group, that you can select and configure permissions for when editing a permission object. The Creator Owner and the Creator Group users will represent the user or group that is the currently configured as the owner of that particular permissions object. This allows you to set permissions for the current owner of the particular permission object, rather then on a specific user or group.

Ownership use

The Permissions system uses the concept of ownership on permission objects to set the default permissions from the top of the permissions tree after installation.

In the All Objects container at the top of the tree, the Permissions system will set Allow on all permissions for Creator Owner user. Since it is the top level, these permissions for the Creator Owner are applied to all child permission objects in the All Objects container. Since inheritance is enabled by default, these permissions for the creator owner will propagate to all parents and children all the way down the tree.

After installation, the creator owner  for the All Objects container is set to the Administrators group if WinGate has been set to use either the WinGate user database or the Windows Users and Groups connector. Similarly, if WinGate has been set to use the Active Directory connector, this will be the domain administrators group. This has been designed so that the creator owner (in this case members of the administrators or domain administrators groups) is able to log into the WinGate Management console and have full access and control to all the features provided throughout WinGate by default.

Manually setting ownership

Each permission object can be manually assigned an owner from any user, or group in the user database WinGate has been configured to use.


When the owner is changed on a permission object that has permissions assigned to the Creator Owner(or Creator Group) then these permissions will be applied to the user or group that has become the new owner.

To manually set the owner of a permission object:

  1. Open the Permissions configuration for the permission object where you want to set ownership.
  2. Select the Owner tab.
  3. Click the Change button to open up the Users and groups selection dialog.
  4. Select a user or group to be owner of this permission object and click OK to return to the permissions configuration.
  5. Click OK on the Owner tab to apply the changes.
  1. no comments yet...

Download helpfile

You can use basic Full-Text Searches against the page title and body to find matching articles. Use the following search modifiers to refine your query:

  • event management (no quotes) will find all pages containing the words "event" OR "management"
  • "event management" (with quotes) will find all pages containing the phrase "event management"
  • +event -management will find all pages containing the word "event", AND NOT the word "management"