Skip to Content
avatar image
Former Member

ACL Implementation for Document Authorization

Dear All,

We want to implement ACL authorization concept for document authorization. I have herd that ACL is very heavy process. Can anyone help me to find out answers to following questions?

Who can add users to ACL to certain DIR's? Which registry keys needs to be set and maintained? Does all DIR's get ACL or can it be activated only when needed? Does ACL usage effect TREX Search times? Is there different user levels available? Admin, read etc Can ACL be assigned to just one doc type or does it effect whole DMS? In what views / tabs ACL will bring to users in easyDMS? Any idea how ACL will effect ?

With Regards,

Brijesh Sah

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Sep 09, 2013 at 12:18 PM

    Hi Brijesh,

    regarding your questions about the ACL behavior related to DMS I will try to provide some information and hope that it can answer some of your questions:

    Who can add users to ACL to certain DIR's?

    If ACLs are used then every user with enough ACL permission can add other users. So for example an assigned ADMIN user can add all other users as well and give them specific ACL permissions.

    Which registry keys needs to be set and maintained?

    As far as I know there are no special registry keys needed.

    Does all DIR's get ACL or can it be activated only when needed?

    Generally you need to create one initial ADMIN authorization first to start assigning further ACL permissions. So from the beginning the DIR does not have any ACL permission and the first user who want to add some has to create an initial ADMIN permission for himself.

    Does ACL usage effect TREX Search times?

    As far as I know till now there are no complains about a loss in the search performance due to ACL permissions.

    Is there different user levels available? Admin, read etc

    Of course there are different ACL permission levels. You can see the different possible ACL permissions by using the dropdown menu on the "Authorization" screen. For example you have ADMIN, WRITE, READ, DELETE,etc. permission.

    Can ACL be assigned to just one doc type or does it effect whole DMS?

    If you activate ACL functions in transaction DCSWI then this function is active for the whole DMS and not only for one specific doc type.

    In what views / tabs ACL will bring to users in easyDMS?

    In EasyDMS there is the same tab called 'Authorizations' like in the backend system.

    Any idea how ACL will effect ?

    From my point of view I know that ACLs offer a good functionality to provide specific permissions for one document info record. But I also know that it could be quite complex and so you should really plan the usage of ACL permissions well.

    Best regards,

    Christoph

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi Brijesh,

      Authorization group will still be operational without any impact, ACL will be first level authorization folllowing the rest i.e. Authorization Group.

      Means if you have ACL set for particular object then it overrides all other authorizations, but if no ACL set then rest other authorizations will be working as-is.

      Thanks,

      Akshit