The permissions required to work with linked items can be configured in two ways in AX Server. One provides less control with lower administrative costs while the other increases control at the expense of configuration and administrative overhead.
AX Server provides the following configuration options for linked item permissions:
Your Analytics Exchange administrator decides which method of permissions to use for linked items.
To override the default linked item permissions setting, the administrator must change the value of the doesLinkSecurityUseMasterLocation property in the aclAuditExchange.xml configuration file. The setting is applied globally and is not typically changed after initial installation however you can change it if required.
For more information about using linked items in conjunction with your audit business processes, see .
Linked item access is controlled by the permissions for the folder containing the linked item. Linked item permissions behave exactly like the permissions for other types of tables, analytics, or items in the folder.
Linked item access is controlled by the permissions for the folder containing the linked item and by the permissions for the folder containing the master item. As a result, linked item permissions behave differently from the permissions for other types of tables, analytics, or items in the folder.
Read only permissions are required by users for the folder containing the master item, therefore any content that administrators want to restrict users from viewing needs to be located in a separate folder.
Users also need permissions for the parent collection or collections for both the linked item and master item folders. If the user does not have permissions for the folder containing the master item, or its parent collection, the linked item appears as a broken link and is not viewable or editable.
Your Analytics Exchange administrator can use the folder containing the master item to centrally control and manage permissions for multiple linked items. Removing a user’s permissions for the folder containing the master item causes all links to the master to be broken for that user. If the folder contains multiple master items, all links to all master items are broken for that user.
From the Permissions tab, your Analytics Exchange can quickly remove multiple users from a single master folder or the parent collection, disabling all links for all the users, without needing to worry about locating and disabling the links at the individual link locations.
|
|
Permissions required for linked item only |
Permissions required for linked item and master item |
|---|---|---|
|
Granting permissions for a new folder, or when adding a new user, requires less labor |
|
|
|
Linked item permissions behave exactly like the permissions for other types of tables, analytics, or audit items |
|
|
|
The folder containing the master item can be completely inaccessible (invisible) to users accessing the linked item |
|
|
|
Analytics Exchange can use the folder containing the master item to centrally control and manage permissions for multiple linked items |
|
|
|
Removing or re-granting linked item permissions for multiple users requires less labor, assuming you control access to linked items by maintaining master item permissions only |
|
|
|
Access to a linked table or analytic can be prohibited within a folder for which a user has “Full permissions” |
|
|
|
Users are prevented from giving one another access to linked items |
|
|
