When you configure IBM® Content Manager repositories in IBM Content Navigator, the administration tool updates the data model on the repository. The data model includes item types, access control lists (ACLs), and privilege sets that are used to control security for searches, browsing, entry templates, and teamspaces.
By default, IBM Content Navigator defines three types of users for searches and entry templates: creators, editors and users. You can use the IBM Content Navigator administration tool to assign users to these roles with the default security. However, if the default security does not meet your needs, you can use the IBM Content Manager system administration client to customize your security.
For information about changes to your data model to support teamspaces, see Teamspaces on IBM Content Manager Enterprise Edition servers.
If you upgrade IBM Content Navigator, you must reconnect to all of your configured IBM Content Manager repositories as the library server administrator to ensure that any changes to the data model are picked up.
When you add an IBM Content Manager repository in the IBM Content Navigator administration tool, IBM Content Navigator adds the RootFolderACL to your data model to support browsing the repository.
To enable users to browse the repository, you must use IBM Content Manager system administration client to add users and groups to the RootFolderACL.
You can use the IBM Content Navigator administration tool to add users and groups to the clbSearchACL with the appropriate privilege sets. For more information, see Security settings for searches on IBM Content Manager.
The ICMEntryTemplate item type and clbEntryTemplateACL ACL items are added only if you enable entry template management.
You can use the IBM Content Navigator administration tool to add users and groups to the clbEntryTemplateACL with the appropriate privilege sets. For more information, see Security settings for entry templates on IBM Content Manager.
On an IBM Content Manager system, each user is assigned to a user privilege set. When you use the IBM Content Navigator administration tool to assign users to the default search and entry template roles, the users are assigned a privilege set that includes the privileges they need to complete the tasks that are associated with their role. For example, a search creator is assigned to the clbOwnerPrivs privilege set.
On IBM Content Manager, the security of items is controlled by an access control list (ACL). An ACL is a list of user IDs or user groups and their associated privileges and privilege sets. When you use the IBM Content Navigator administration tool to assign users to the default search and entry template roles, the users are added to the ACL that is used to control that type of item.
When you use the IBM Content Navigator administration tool to associate users and groups with search and entry template roles, the users are added to the appropriate ACL with the privilege set that is associated with their role.