Is there a (simple and supported) way to change the way security is inherited in Teamspace subfolders?
The default behavior is for all objects to get a copy of the ACL that is on the teamspace, so documents and folders under a folder that has been changed still get the ACL of the teamspace (not it's parent folder). This means that while a teamspace team member on the "no access" list for a folder would not see that folder, they could still access the documents in it via search or from a link someone sent them.
Pinned topic Teamspace Subfolder as Security Parent
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2013-03-22T19:54:25Z at 2013-03-22T19:54:25Z by SystemAdmin
Re: Teamspace Subfolder as Security Parent2013-03-18T15:32:09ZThis is the accepted answer. This is the accepted answer.
1) Determine if the security model you need can be handled with the Entry Template security, or if a Security Policy will be needed.
2) Create the Security Policy if needed
3) Create the Entry Template (Set the folder setting to just the object store, as this setting is ignored when using the Entry Template Folder Association feature.
4) In the security step of the Entry Template, set the Security Policy or setup the Entry Template security. These security settings will be added to the Teamspace inherited security and the security with the highest level of access "wins" when a user/group is getting security from the class, teamspace and ET/security policy. To restrict access, you may need to set explictly deny the right.
5) Once the Entry Template is created, from Workplace XT, you will need to search for the Teamspace subfolder that you wish to associate with the Entry Template.
6) From the search results, select the folder, open the context menu and select the option Perferences > Associate Entry Templates. Select the Entry Template(s) you wished to be used when adding documents to this folder. By default this setting will be used for all subfolders as well.
If you do not see this action, you are not a member of the Access Role with rights to this action. Contact the Workplace XT admin, and have them setup a non-admin access role, add you as a member of that access role and add that role to the Associate Entry Template Action.
7) From ICN, add content to that folder and confirm that the Entry Template is used and that your security setting are performing as desired.
Re: Teamspace Subfolder as Security Parent2013-03-18T19:38:33ZThis is the accepted answer. This is the accepted answer.
Re: Teamspace Subfolder as Security Parent2013-03-22T18:38:12ZThis is the accepted answer. This is the accepted answer.
Re: Teamspace Subfolder as Security Parent2013-03-22T19:18:15ZThis is the accepted answer. This is the accepted answer.
- SystemAdmin 110000D4XK
I'm attaching an updated diagram with ACL call outs.