Hi all,
Bit of background we use Vault Pro 2014 - only pro features we use is multi site replication. Lifecycles are on some files, but was for (failed) trial period only.
We are using the ACL to control working folders for each site and to control access to users from each site. Propogating those security settings to the sub-folders. i.e.
site A user - read/modify site A folder & subfolders only
site B user - read/modify site B folder & subfolders only
site C user - read/modify site C folder & subfolders only
When new sub folders are made post security settings being implemented at a specific site, only the user who made the folder can access it at that site i.e.
site A, user 1 creates a subfolder. site A, user 2/3/4/5/etc can read but not modify that folder or it's contained files.
looking at the ACL of the folder, it has defaulted to a different setting which locks out the rest of the users.
any ideas on how we can get new folders to adapt the ACL of the folder it is created under?
Solved! Go to Solution.
Solved by Neil_Cross. Go to Solution.
I set up an identical security model on my last contract, with a UK folder and Australia folder, users at UK where denied read rights to the Australia folder and vice versa. I created the ACL rights at the parent folder level and propagated that down entirely replacing all permissions at sub level. Worked fine, but I also came across the issue you described and the reason was as follows.
Obviously I can't see your setup, but if you have the 'Security Override' enabled on the Site A folder, newly created sub-folders will not inherit the permissions from this folder, they will inherit permissions from the level above that if that folder was set to propagate. Security override I believe is meant for one off folders exempt from inheriting and propagating permissions.
I've tried to demonstrate this below, apologies it might be a bit quick as I needed to keep it short as possible! But hopefully you can see the difference in behaviour when the security override is set on folder A. So hopefully to resolve your issue, disable the security override on the Site folder level.
Hmm - seems to have worked, time will only tell as unfortunately we weren't given enough time to trial any of these settings on a test vault and were required to change it directly on our production vault.
Thank you for your help Neil, you're an invaluable resource on this forum.
You're welcome and thanks for the kind words
I remember far too vividly how it felt to be stuck and stumped with Vault. My first ever install was to be thrown into a huge titanium smelting plant in Wales and told to install Productstream as it was back then, do the user training and get it right first time. I'll not bore anyone with the full story, but lets just say I'd have sacrificed vital parts of my anatomy back then to have had a forum like this to turn to!
Thanks again and good luck