Update object store with new users and groups
You can easily add new users to an object store that is already
in production, as long as you only want them to have permissions on
objects created subsequent to their addition. See Add
users and groups to a class for this procedure.
However, adding new users so that they have default permissions
to all existing objects requires a different procedure, and uses the script
WizUpdateOSSecurity.vbs installed by the Content
Engine installation program. This script updates an existing object store's
security with users and groups as if they had been added when the object store
was originally created. These users and groups can be given default
permissions as users or as object
store administrators.
The WizUpdateOSSecurity.vbs script can be run through the security
script wizard, or it can be run by itself. This script:
- Does not directly modify documents and custom objects. However, it does
set permissions on Enterprise Manager's root folder. Thereafter, you can
configure security parentage so that the root folder becomes the security
parent of any folders, documents and custom objects that should inherit the
new permissions. This applies the same effective security as if all these
documents, custom objects, and contained folders had been directly modified.
Keep in mind, however, the different
behavior between directly applied security and inherited security.
- Does modify the security on all other securable objects.
- Does not remove or modify existing security permissions.
To update an object store with new users or groups
- Right-click the object store node and run the Security
Script Wizard.
- When it asks you to select an XML security script information file, browse
to and select OSecurityUpdate.xml.
- When it asks you to define security roles, you should see two roles under
Security Role: Object Store Administrators
and Object Store Users. If you do not see these roles, you have not
loaded OSecurityUpdate.xml properly.
- Use the Add button to add security participants
for the selected role. The Select Users and Groups dialog box will open. Click
OK when you have added the participants for
that particular role.
- Click Finish when you are done. The wizard
will proceed to apply the security permissions to the objects in the object
store. This can take some time, depending on the number of objects that need
to be updated. The wizard will inform you when the process of applying security
is complete.
- Examine the new permissions on Enterprise Manager's root folder. Depending
on how you have configured the inheritance from the root folder and all generations
of child folders, these new permissions might not yet have been inherited.
You should configure the folder security
parentage as appropriate.