Community Tip - If community subscription notifications are filling up your inbox you can set up a daily digest and get all your notifications in a single email. X
We are currently trying to set up our manufacturing department with view permissions for design state documents and download permissions for released state documents. We are using the Access Control under Policy Administration but it seems we are unable to get the desired results. Is this the proper method? We have PDF files, STP files, and Excel files that the Manufacturing department need to use. We want them to be able to download the PDF files if they are at a released state and to only view them if they are at a design state. These files are uploaded as reference documents to the WTPart that also includes the prt, asm, drw files.
Solved! Go to Solution.
I can help you w/this.
Drop me an email at -.
In general we will:
- Take a look at the OTB ACL's that might be overriding what you intend, especially those for the psuedogroup TeamMembers
- Take a look at how your Groups are set up (esp. nesting) and determine where inheritance is being applied
- Take a look at how Groups are mapped to Context Team Roles (if used)
- Configure wherever possible at Org level, not in each Product / Library (has the potential to eliminate 90% of the statements and maintenance
- Configure Read & Download for the Mfg users at Released; only Read for these users at Design
- Confirm all with test data and test users; troubleshoot using Manage Security utility
- (possibly) update Product/Library templates
Access control is one of the great puzzles of Windchill - can easily get tangled in knots if not careful. Easy to have overlapping configurations. Well worth it to do some planning and to reduce complexity and total number of rules by using inheritance where possible.
I can help you w/this.
Drop me an email at -.
In general we will:
- Take a look at the OTB ACL's that might be overriding what you intend, especially those for the psuedogroup TeamMembers
- Take a look at how your Groups are set up (esp. nesting) and determine where inheritance is being applied
- Take a look at how Groups are mapped to Context Team Roles (if used)
- Configure wherever possible at Org level, not in each Product / Library (has the potential to eliminate 90% of the statements and maintenance
- Configure Read & Download for the Mfg users at Released; only Read for these users at Design
- Confirm all with test data and test users; troubleshoot using Manage Security utility
- (possibly) update Product/Library templates
Access control is one of the great puzzles of Windchill - can easily get tangled in knots if not careful. Easy to have overlapping configurations. Well worth it to do some planning and to reduce complexity and total number of rules by using inheritance where possible.
As an FYI... the Manage Security wizard is a quick and easy way to determine where permissions are coming from when users are getting too much or too few access.
Select Manage Security from the Actions menu of any object where the access doesn't appear to be correct.
Add the user in question to the table by clicking the + button
Click on the Info icon for that user
The page that comes up will provide a list of all the permissions specified for the user along with where they come from (policy, ad hoc, lifecycle, etc.)
I am looking for one piece of this puzzle in particular :
Configure Read & Download for the Mfg users at Released; only Read for these users at Design
Can this be achieved by Access Control Rules in Windchill 11.1 ? I can't find the view anywhere in the Access Control Rules...
A big thanks to Mike Lockwood for providing answers and insights for us relating to our vault practices. He was able to help us thru the use of a web meeting. He provided not only the answer to this particular question but also set us on a path to have a more effiecient company wide use of windchill.