Community Tip - Visit the PTCooler (the community lounge) to get to know your fellow community members and check out some of Dale's Friday Humor posts! X
Version: Windchill 12.1
Use Case: I’m configuring the Guest role in Windchill, but I’m encountering an issue: the Guest role cannot view or create workspaces.
Here’s the situation:
* The Guest role is set up with read-only access to released objects.
* Despite configuring access control to allow Read and Download permissions on object types like WTPart and EPMDocument, the workspace option is still unavailable for users with this role.
* We have also configured lifecycle states to ensure the Guest role has Read access to the Released state.
Question:
What specific permissions or additional configurations are required to enable workspace visibility and creation for the Guest role?
Any insights or guidance on how to set this up effectively would be greatly appreciated!
Thank you!
Solved! Go to Solution.
If its possible via ACLs, I would focus on EPMDocConfigSpec object but this article alludes that its not ACL controlled (https://www.ptc.com/en/support/article/CS45134?source=search). Its a bit dated but might still hold true. Curious why you need to do this? Workspaces can be created anywhere and pull date from any Product or Library so long as the guest has read access to those EMPDocuments. For example, my libraries are read only, users are guest but they can still pull data from them. I suspect its specifically blocked in a UI filter or code that prevents Guest from creating them or seeing them.
What you can do is use a role shift. Make those users who are Guests and need workspaces Team Members. Restrict Team Members from doing much like Guest and create a new role to take the place of a full Team Member. Add addition ACLS to it. That might work but unsure of why you would want Guests to create workspaces in an area that is read only to them. They would not be able to check anything in anyway.
If its possible via ACLs, I would focus on EPMDocConfigSpec object but this article alludes that its not ACL controlled (https://www.ptc.com/en/support/article/CS45134?source=search). Its a bit dated but might still hold true. Curious why you need to do this? Workspaces can be created anywhere and pull date from any Product or Library so long as the guest has read access to those EMPDocuments. For example, my libraries are read only, users are guest but they can still pull data from them. I suspect its specifically blocked in a UI filter or code that prevents Guest from creating them or seeing them.
What you can do is use a role shift. Make those users who are Guests and need workspaces Team Members. Restrict Team Members from doing much like Guest and create a new role to take the place of a full Team Member. Add addition ACLS to it. That might work but unsure of why you would want Guests to create workspaces in an area that is read only to them. They would not be able to check anything in anyway.
Make sure they have the required licenses assigned as well.
Hi,
In the ACL / Policy Administration, "Guest" role is not considered as the principal "Team Members", and hence OOTB behaviour is to just Read only. As Villanuev says , if Guest user is not allowed to edit, there could be no use to create workspace.
In case you want that user to work in workspaces, you need to give the user a OOTB role called "Viewer". (As far as I remember).
Please explore it, I have used it in some of my solutions to customers.
Cheers
Hari
Users in the Guest role are not allowed to create workspaces. This is hard-coded and by design.
https://www.ptc.com/en/support/article/CS79881