Configure a folder's security inheritance

This topic explains how to configure a folder to be a security folder to documents or custom objects. For information on how to configure those objects to inherit permissions from the folder, see Configure security inheritance.

Run this procedure as part of your initial security configuration, after you have added document classes and configured their Default Security Instance tabs. It is best to establish security inheritance before putting an object store into production.

For more information about inherited security see:

Use Enterprise Manager to configure a security folder

  1. Log in to Enterprise Manager as object store administrator.
  2. Open the Object Store node and select the Root Folder.
  3. Right-click the folder whose security will be inherited and select Properties. Click the Security tab. The users or groups whose security you want to be inherited should appear on the list of names.
    1. Make sure the ACEs whose security will be inherited have an Apply to setting of either This object and immediate children or This object and all children.
    2. If the users or groups are not already on the folder's list of names, click the Add button to open the Select Users and Groups dialog box. Use the Find capability to find the users or groups you want and then add them to the folder's security list of names.
  4. Select the user or group whose permissions you want to be inherited and make one or more of the following changes:
    1. Choose Allow or Deny.
    2. In Apply to, select This object and immediate children (for only one level of inheritance) or This object and all children (for infinite levels of inheritance).
    3. Choose the security level or individual rights that will be inherited. In most cases you will choose from the rights marked (Inherit only).
  5. Click Apply or OK.
  6. If necessary, configure the target documents and custom objects to inherit the Inherit only permissions from this folder. See Configure security inheritance.