Have been asked to set up such that some contractors doing design work in Windchill (who have only needed access via ACLs and group membership) be denied access to run Reports (e.g. from Home, Reports) since most reports are set up to bypass access control. OTB, there is an ACL at Site /System for ReportTemplate, ALL, Read. Trying to override this with Deny for a certain group at Org level. Deny applied so far in all the usual ways doesn't have the needed effect. Anyone know how to do this? Tech support case pending. thanks
Policy Administrator types include: Report, Report Template, Report Criteria. I've been trying all, but focused on Report Template. Deny is definitely something to be careful with, but likely the only solution here. So far, using DENY for the whole Organization works, but not for a Group. I showed tech support on a webex and they are researching.