Setting Up Access Control

With access control, it is possible to restrict parts of Document Central to a defined group. Access control can be configured in various areas and for different functions by using groups in Document Central. This allows for restricting access to document areas or preventing the use of specific content types, for example.

Access control for documents is divided into the following four levels:

Document Library: Control access to the entire document library within Document Central.
Content Types: Restrict the use and access to specific content types.
Content Types in a Document Library: Restrict the use and access to specific content types in a document library.
Metadata: Define access permissions for individual metadata within Document Central.

Important

Please note that you must have completed the creation of the document library, content types, metadata, and user groups, depending on which access control you want to define, in order to proceed.

To enable access control, follow these steps:

Navigate through the Document Central - Administrator role center.
Click on Compliance in the menu bar and perform the action Compliance Setup.
Check the box Enable Access Control.
Access control is now enabled.

Setting Up Access Control Groups

Content types and document libraries can be restricted for specific users. For this, groups must be defined in advance and users assigned to the groups.

To create groups, follow these steps:

Navigate to the Document Central – Administrator role center.
Click on Setup in the menu bar and perform the action Users.
Perform the action Groups & Members in the menu bar to create a new group.
Create a new group by performing the action Create User Group.
The wizard for creating an access control group will open. Click on Start.
Choose one of the following options:

Azure Security Group

The Azure Security Group is used to link SharePoint permissions with Document Central permissions.

Document Central Group

The Document Central Group restricts access solely to the documents available in Document Central. SharePoint permissions are not considered and must be managed separately in SharePoint.
On the next page, specify how you would like to name the access control group. Additionally, you can specify a code and add a description. Then click on Next.
If needed, add users directly to the newly created group. Use the dropdown menu in the Access Control Group Members area.
Click on Next when you have added the desired members to complete the wizard on the next page.

Info

You can also create an access control group in the compliance area under access control groups and then continue following the step-by-step instructions from point 5.

Adding Users to a Group

Users can be added to existing groups.

To add users to a group, follow these steps:

Navigate to the Document Central – Administrator role center.
Click on Compliance in the menu bar and perform the action Access Control Groups.
Select the group to which users should be added and click on Edit.
Add users to the list in the Members area.
The users are now members of the group.

Setting Up Access Control for a Document Library

To enable access control for document libraries, follow these steps:

Navigate through the Document Central - Administrator role center.
Click on Repository in the menu bar and perform the action Document Libraries.
Click on the document library code Code that is to be configured with access control.
Perform the action Access Controls in the menu bar.
Enter the group code in the User Group Code field.
Define the values for the group's access control in the Read, Write, and Delete fields.
Access control is now activated for the defined user group.

Explanation

Read: The read permission determines whether users can see the documents archived in the document library. If a user does not have read permission for a document library, they cannot use Document Central to view the documents in that library.
Write: The write permission determines whether users can archive documents in the document library. If a user has read permission but no write permission for the document library, they can see the documents archived in the document library but cannot add new documents.
Delete: The delete permission determines whether users can delete the documents archived in the document library. If a user does not have delete permission for a document library, they cannot delete documents archived in that library.
Edit Retention Label: The permission to edit the retention label determines whether users can edit the retention label for documents archived in the document library. If a user does not have permission to edit the retention label for a document library, they cannot edit the retention label for any document archived in that library.

For documents displayed through a relationship or an additional search, the access controls of the source document apply. This means that if a user has read permission for a document library and the document is displayed through a relationship in another document library without read permission, the document will still be displayed.

Setting Up Access Control for Content Types

To enable access control for content types, follow these steps:

Navigate through the Document Central - Administrator role center.
Click on Repository in the menu bar and perform the action Content Types.
Click on the content type name Name that is to be configured with access control.
Perform the action Access Controls in the menu bar.
Enter the group code in the User Group Code field.
Define the values for the group's access control in the Read, Write, and Delete fields.
Access control is now activated for the defined user group.

Important

Access control at the content type level overrides the access control defined at the document library level.

Setting Up Access Control for Content Types in a Specific Document Library

To enable access controls for a content type in a specific document library, follow these steps:

Navigate through the Document Central - Administrator role center.
Click on Repository in the menu bar and perform the action Document Libraries.
Click on the document library code Code that is to be configured with access control.
Navigate to the Content Types section.
Select the content type for which the access controls are to be activated and perform the action Access Controls.
Enter the group code in the User Group Code field.
Define the values for the group's access control in the Read, Write, and Delete fields.
Access control is now activated for the defined user group.

Important

Access control at the content type level in a document library overrides the access control defined at the document library and content type levels.

Explanation

Read: The read permission determines whether users can see documents archived with the content type. If a user does not have read permission for a content type, they cannot see the documents archived with that content type.
Write: The write permission determines whether users can archive documents with the content type. If a user has read permission but no write permission for a content type, they can see the documents archived with that content type but cannot select that content type for new documents they want to archive.
Delete: The delete permission determines whether users can delete documents archived with the content type. If a user does not have delete permission for a content type, they cannot delete documents archived with that content type.
Edit Retention Label: The permission to edit the retention label determines whether users can edit the retention label for documents archived with the content type. If a user does not have permission to edit the retention label for a content type, they cannot edit the retention label for any document archived with that content type.

If a user has no access controls for a document library but has access controls for a content type defined in the document library or generally, they can view, write, or delete documents with that content type based on the configured access controls.