We have been adding archive records into Laserfiche for the last year that I would like to adjust security settings on so that they can't be modified or deleted. Presently I've been doing it manually as things are added but it's tedious and i'm always worried i'm going to miss something. I know assigning rights is a function in the Workflow Designer, but i'm having a hard time determining how to specify which folders and documents I want to include. The folder structure is shown in the diagram. I DON'T want to adjust the settings on any of the folders or sub-folders, as i had tried adding security on the folders originally to save time and it caused all kinds of problems as people tried to add new documents. I do not want to inadvertently lock any documents that are not in the Archive Sub-Folder, as we have several classes of documents in this repository so i'm hoping for some guidance on how to achieve this. Many thanks!!
Question
Question
adjust security on multiple documents in many sub-folders
Replies
You are going to want to apply security to the folders. Trying to apply it to specific documents is going to be quite a bit of micromanagement.
What types have different security? Are you saying that only certain people can see Building C and within that group of people only certain ones of those can see documents class A or B?
If so this seems to sort of lean toward a folder revamp. To handle the security on different document types you can put those together.
So you could have something like
Repository
Archieve
Doc Type A
Building A
Building B
Doc Type B
Building A..
The Doc Types would become folders. All the documents for that type would reside in the building folder. So you could just do security by who can see what doc type.
Setting security on folders may take a bit at first but should be designed so you dont have to constantly be touching it (which is what sort of happens if you go down to the document level).
The other option you have is to set security on the folders but apply security tags to the doc types. So all Doc Type A documents get the A tag. Then give only the users access to that tag. It would allow your folder structure to remain and you would just have to apply a tag to the document. Or send that document through a workflow that assigns the tag based on the folder its in.
Thank you Chris.... I was afraid you were going to say that though. My problem is we have 150 building folders, each with 2 years worth of subfolders and each sub-folder containing 5-10 documents (and growing) so I really don't want to play around with the folder set up if i don't have to. In the past, when I've played around with the folder security settings, employees who try to add something to a folder end up with an error denying the addition of a document so i have to go and remove the security temporarily to allow it, then reset it when they are finished.
Also, even if I figured out how to make the error not occur on addition of a document, it gets more complicated because as we are adding documents, often we need to clean them up (rotate pages, delete blank pages, and at times re-scan poor quality pages and insert them in the document) so they can't instantly be secured. That's why I was thinking a workflow i could run say, daily at the end of each day, that checks the documents in the archive and applies security to any that don't yet have security settings according to the parameters we set.
If it helps, I have no group within the office that can't view any of these files - it's changes and deletions once they have been cleaned up that i am trying to stop from happening.
Given this information, do you still think the tags option would work? I'm sorry i'm still very much a novice when it comes to Laserfiche!! :)
I would certainly work with your VAR to have them help you. Moving the folder structure around can be quite simple using Workflow. Also they can help with your security setup and maybe some process improvements.
If you stay with the structure you can certainly have a workflow run once a day, find all the documents in a folder that don't have a tag, then based on criteria, assign the tag. That can certainly work.
You could also write a workflow that is a business process. The document could reside in the archive folder and then when you are ready to secure it, just start the business process on it. Or if the documents reside somewhere else first, then when they are ready to be archived the business process moves them as well as applies the tag.
Thanks again Chris, this is a good start! 
In general, you want to avoid assigning rights to individual documents as much as you can. Instead you want to use folders and scopes as much as possible. There's a lot more flexibility available than most people realize; the documentation describes 9 scope types. The support site has some pretty good explanations about how you can use those scopes in practice, e.g. this writeup.