This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
PerthRM8
Admiral Admiral
Admiral
‎2019-02-20 06:34
799 views

CM 9.3.1SavedSearch needed for documents moved from secure to non secure file

Hi,

This is related to my topic from a page before:

https://community.softwaregrp.com/t5/Content-Manager-User-Discussions/Average-user-in-CM-9-3-1-300-can-copy-protected-docs-to/td-p/1685918

Basically, since we still don't have the solution for the above issue, we must think about the workaround solution: How to "spot the users who moved the document which they cannot see but can copy (Including the electronic document) to a non-secure file and then (since the document inherites the access of the landing file in this transfer, unrestricted ) see it without problems ...

To explain further: out of seven layers of ASL (Access settings) we consider our file secure if the first, third and fourth category are restricted to some group of users only; however, the documents inside inherites the first and third category of access only, the fourth one becomes "unrestricted".

When this document is in TRIM highlighted and right click - New - copy Record and placed in the non secure container/file it becomes "unrestricted" and user can see the electronic document in that container..

P.S.

For the secure file, the 5th and 6th category of file access are enforcing the Record type restrictions, so all good.

OK, so, can we generate the saved search, or fileter the logs or anything, SQL script or print merge method that will isolate the user who moved the restricted document from restricted file into the unrestricted file , e.g. yesterday ? I have tried some methods, but no success....

Any comments appreciated !

0 Likes
Reply
Report Inappropriate Content
3 Replies
HeatherM1
Vice Admiral
Vice Admiral
‎2019-02-20 23:31

If they've used the New > Copy Record function to bypass the security, then this should show up in the Online Audit Log as an event called "Record Copied".  PM me if you'd like more details.

Reply
Report Inappropriate Content
PerthRM8
Admiral Admiral
Admiral
‎2019-02-21 00:02

Thanks,

But, strangely, we do not record these sort of event logs .... Now, as Admin under the Administration tab - Auduts I've made them in our CM931 testing environment and also in the Record type audits option....

I must do that in production later on as well, i am just concerned about the impact on the system/database.....

Regards and thanks again.

0 Likes
Reply
Report Inappropriate Content
PerthRM8
Admiral Admiral
Admiral
‎2019-02-25 01:46

Just to let you know that I enabled the log events for "Record Copied" and now we would know when somebody has copied the record, although it would be tricky to isolate only the case "record copied from SECURED file to Unsecured file", but a manual / visual check should be accept

0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.