cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

BO4 - Deny access to CMC to standard users and delete privilege

Go to solution
former_member272336
Participant

on ‎06-01-2013 11:33 AM

0 Kudos

Hi,

Having a look at admni guide and see overal apendix of all the varios rights (ch 27) - e.g create reports, edit reports.

Have a few questions.

1)  We wish to give access to the Writes group permission to create and delete own reports in theire departmental folder but not have permission to delete

  reports owned by other users in that department.  We are using custom access levels and need to ensure the appropriate rights are in these access levels. How is this best achieved with regards delete privilege?  Is it the case that by default a user cannot delete objects they don't own?

Is it a case of ensuring right delete objects is not set but dlete objects taht user owns is set?

2)   Denying access to CMC is this best done done via Applications/CMC/ and remove access  to Everone group to cmc.  Just want to check before do this will can still use as Administrator users.  Is this the case?

 

Thanks

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member182521
Active Contributor
‎06-01-2013 4:12 PM
0 Kudos

Hi Philip,

To answer your questions

1. Your custom access level should only include " delete objects that the user owns" instead of "Delete Objects". By default user who owns the report will be having full control to those objects. including "Delete Objects" right will leads to accidental deletion and if the object is not owned by the user. they can still delete if you granted "Delete Objects".

2. If you deny access to CMC to Everyone group even Administrators will also be denied access for that. the right way is to

- Make access to CMC for everyone group at Application level - the Right is "Login to CMC" as unspecified.

- grant access to only Administrators group

give a try and let me know how it goes.

Regards

Mani

Show replies
Show replies
former_member272336
Participant
‎06-03-2013 9:37 AM
0 Kudos

Hi Mani,

Thanks for reply.

Re option 2

Had had look at Applications/CMC and can see Everyone group has View access by default.

Looked at rights included within View and don't see right Login to CMC - how can theybe getting access to CMC when we have not explicitly granted this right to them?

Given that Administrators have Full Control on Applications/CMC if simply remove the Everyone Group form this would this be O.K?

i.e. not explicitly denying and Administartors group still be left with access.

Thanks

former_member182521
Active Contributor
‎06-03-2013 11:23 AM
0 Kudos

This is how it should look like.

former_member272336
Participant
‎06-03-2013 11:59 AM
0 Kudos

Thanks.

former_member272336
Participant
‎06-03-2013 1:50 PM
0 Kudos

Hi,

Thanks for advice

Answers (0)

Ask a Question