This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security KW question

Nat_Mara
Star Collaborator
Star Collaborator

‎11-01-2018 03:41 PM

I have asked this before, but unfortunately once the fomat of the forum changed, I cannot easily find older questions, so I will ask again. We have security KW set up using NOT EQUAL and while not the preferred approach, it was originally set up that way due to the requirements that some users needed to know there were documents available that they could not access. It would show up in the hitlist as "restricted" and then they would go to a manager to pull up docs. We also used to use almost exclusively the web client or the thick client. Now we are almost exclusively using the Unity Client, and I am unsure if it still works that way.


There is a SECURED keyword that has 2 values: Y or N. I have the user group security for most users set to Secured NOT EQUAL to Y. When a user from a group with those settings pulls up a hitlist of documents in the Thick client, it works as planned. Documents will all show, however the ones where Secured=Y are listed as Restricted. When try the same thing in Unity Client, it does not work correctly. It only shows the documents where Secured = N.


I believe in the past, this was not possible in Unity client, but am not sure if that is still the case. As an FYI, we also do not have "Perform security keyword checking during database query" checked. Lastly, if this is not possible, what is a possible workaround?


regards,

Nat

Labels:
0 Kudos
4 REPLIES 4

Eric_Beavers
Employee
Employee

‎11-02-2018 10:23 AM

From my experience (and some notes from the old Security Admin mrg)-

For the Web Client and Core-based applications using Security Keyword Types, OnBase will always display only those documents that the user has rights to view based on the configured Security keyword Types. OnBase will not display documents that don’t meet security requirements with the Restricted label, regardless of whether this setting [Perform security keyword checking during database query] is selected or not.


If you are seeing different behavior, I'd recommend contacting Support to test and clarify.


A reminder from the Config Help Files:


Keep the following information in mind when configuring a Not Equal Security Keyword:

· Not Equal is not designed to work with multiple values for a Keyword Type on a document

because if one instance is the specified value and one is not, only the Keyword Value that

appears first alphabetically will be evaluated by Not Equal to determine document access.

· When a user or user group is configured to have a Security Keyword with more than one

value of Not Equal, a document can show up multiple times in a hit list. This is due to the

query used to generate the result set.

· If the configured User Group rights result in the same value for a Security Keyword being

specified as both Equal and Not Equal, then the value will be treated as Not Equal, and will

not be accessed.

· Generally, when Not Equal and Equal conditions are mixed, unexpected behavior may occur.

For example, if a User Group and one of its users have opposing conditions on the same Keyword

Type Value, the system may respect one or the other condition, depending on the circumstances.

0 Kudos

Nat_Mara
Star Collaborator
Star Collaborator

‎11-02-2018 10:38 AM

Hi Eric,

Thanks for the response. Quick question, is there a setting that notifies upon a response? In the old (and better imho) forums, we would get notifications upon someone answering. that was very helpful, and I do have "Notify me of new replies" checked. does something else need to be configured?


I am not seeing different results, I read the MRG and saw the section your are referencing, but this was not the case, as there were not multiple values. IT was either Y or N,, so I did not think that applied. I guess my question, is how does Hyland suggest configuring in this scenario when using a CORE client? We cannot be the only user who needs to secure documents while at the same time allowing the users with insufficient privileges know those documents exist in the system. I am not married to our current setup, so we are flexible.


We initially went to the Unity client as deployment would be simpler, and it seemed to have a lot of useful functionality, however we are bumping up against a lot of limitations, at least in 17 SP1. 😞

0 Kudos

Eric_Beavers
Employee
Employee

‎11-02-2018 11:11 AM

I personally just follow the whole Security group and get all the emails(I use MS outlook rules to folder/sort). That being said,

for community changes/improvements I recommend the help forums- https://community.hyland.com/help/forum

To fast track your community feedback, please use this form.


SK question-

I can not think of any decent workarounds that don't require a complete redesign/rethink of your security solution. Most of the time I have had to live with the user can see it or they can't in the Core.


As for a request for the functionality, SCR #232349 would be the one you would want to be a part of. Your participation in a support call can help R&D prioritize. Be sure to include your business case as this functionality has not been requested frequently.



Nat_Mara
Star Collaborator
Star Collaborator

‎11-02-2018 11:34 AM

thanks. very useful indeed.

Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC