You are viewing limited content. For full access, please sign in.

Question

Question

LF Search - users cannot open a document

Laserfiche
Updated February 2, 2024
asked on February 1, 2024

Multiple users in group LFRP-READ getting error "Access is denied. Return to the Laserfiche web client" when trying to open some documents in our repository. Can open other documents in the same branch. Suggestions appreciated.

ie. A > B > document = ok
    A> C > document = Access is denied

Trustee - LFRP-READ
Rights = View

Scope = This folder, subfolders, and documents

0 0

Replies

replied on February 2, 2024

One thing to confirm is that there are no security tags applied to the document. That's a way access can be different without a difference in the entry access rules. The "Show Security" dialog has some tools to dig into this further. You can use the "Effective Rights" tab to confirm the users' rights and the "View detailed inheritance information" will help determine why the users do not have the rights you want, especially when you compare with a document where the rights are acting the way you want.

3 0
replied on February 2, 2024 Show version history

Thank you Brian. 

Looks like Rights Inheritance are not the same, if I change it from a higher level folder and give LFRP-READ read rights, will the child folders get the same permissions as the parent folder?

Files CANNOT open
Rights Inheritance
LFRP-READ has Read allowed from Repository File Path\Folder

Files CAN open

Rights Inheritance

LFRP-READ has Read allowed from Repository File Path\Folder\File

0 0
replied on February 2, 2024

If I understand your table, the reason the user can open the document is because of permission granted directly on the document, and this has not been applied to the ones they can't open. If so, then yes one way to grant permission is with an ACE on the folder with a scope that includes contained documents. But I always urge people to not use the first solution they come up with - the security configuration in your repository is one of the most important things to get right, and it's always worth considering exactly what rights users should have and what is the best way to grant them.

1 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...