My Oracle Support Banner

Once Permissions Are Granted At Account Level, Can You Restrict User Permissions At Lower Levels? (Doc ID 1504471.1)

Last updated on MARCH 08, 2021

Applies to:

Oracle WebCenter Content - Version 11.1.1.2.0 and later
Information in this document applies to any platform.

Goal

Consider the following LDAP server hierarchical account structure:

dc=MyLDAPServer,dc=com

ou=Groups

cn=Dep_RW

cn=Dep/0001_RW

cn=Dep/0001/A_R

 

User1 is a member of:

Dep_RW

Dep/0001/A_R

 

When checked in, an item is assigned the account Dep/0001/A

 

User1 has Read and Write permissions to the highest level Account, Dep, but only Read permission to the A account.

Yet User1 can check out and check in the item assigned to account Dep/0001/A.

Why is this the case and is it possible to restrict User1's permissions at the lower account level?

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.