There are two types of refile operations:

  • Metadata: Affects only the metadata fields eligible for refile. During a metadata refile, these custom fields are aligned with the parent container. Refiling metadata ensures that users can easily retrieve content through searches. 


    • Except for class and subclass, all the metadata fields are copied from the workspace. Class and subclass are copied from the immediate parent folder.
    • When changing workspace or folder metadata, the metadata refile operation updates all eligible metadata fields on an object when a metadata event is triggered. Therefore, each refile eligible metadata field is updated, including fields that might not have changed. For example, if a change is made to metadata field custom3 for a workspace, all refile eligible fields (potentially custom1 through custom30) for a document could be updated. This results in the document's metadata fields aligning with the metadata values for the workspace.
  • Security: Affects the default security and the list of users/groups with permissions to access the item. During a security refile, the security of ‌the item is aligned with the parent container. Refiling security ensures that only the authorized teams or users can view and access the item. Security is refiled for items in the folders that inherit security.

Each refile type is an independent event and only affects that one type. For example, a security refile only affects security-related fields and never modifies metadata. The events are enabled separately. 


  • During a refile operation, documents that are currently locked (due to being checked out) cannot be processed and will not have the latest security and metadata properties applied, even after being checked in. If further metadata or security updates are made to the parent workspace or folder, this will trigger another refile operation, at which point the document will be updated.
  • Declared record documents are processed for security, but not metadata. Refer to Restricted and Secured Documents for more details.
  • Share folders and shortcuts are not processed.

IMPORTANT: Considerations when using the Refile Service for security updates

iManage Work enables users to update the editing of user/group permissions of multiple items in action. This capability, called Bulk Security Update. For more information about this feature, see the Work Web online help.

iManage recommends enabling either the Bulk Security Update or the security updates capability of the Refile Service based on the outcome your organization is trying to achieve. Enabling both capabilities at the same time may cause a user's Bulk Security Updates to be overwritten by the Refile Service, and the other way around.

Having Refile Service and Bulk Security Update enabled together can create a conflict of capabilities. For example—users could use the new bulk security update capability to select three separate documents and apply new security to these documents. When the Refile Service is also enabled in their organization, the Refile Service detects that the security on these documents do not match the security of the parent folders, and updates the security again, thereby removing the change that users applied.

The following table provides a detailed explanation on how security updates work with Refile Service versus Bulk Security Update. 

Table: Refile Service versus Bulk Security Update

Bulk security updates

Refile Service

Security Update Initiator


Event-driven Service.

Security Updates performed by

End-users on files that they have Full Access to.

Refile Service account must be run with an NRTADMIN account to allow security updates to all content within the library.

Security changes tracked in the audit

As the security update is triggered by end-users, the changes are only applied to documents that they have full access to. 

Changes are performed as Admin user, using Refile Service.
Updates are done by the Refile Service account, which updates the security for all the files.

Security rules

End-users have granular control and can select options at the beginning of the bulk operation. Options provided:

  • How to update security for private files.
  • To update security for all the versions of the selected document or only the selected version.
  • Update security for referenced files or not.

Admins decide how to apply security by configuring the options in the backend. For more information, see Configuring Refile - iManage Control Center.

Security and metadata changes

Only updates the security of the selected files.

Can be configured to update metadata, security, or both.

Number of files impacted by a security change

Depends on how many files are selected by users (maximum of 5000 files can be selected).

Applies to all the files within a folder.

Objects impacted (files/folders/workspaces)

Only applies to files that are selected by users for security updates.

: Container security update (Folders & W
orkspaces) is being targeted for a future release. 

Since this is event-driven, a security update at the workspace impacts all the folders and files within the workspace.


End-users are provided with a report at the end of the process with success, skips, or any exceptions.

No notifications are available to end-users.

Reference links for more information

 Editing user/group permissions of items in bulk

Refile - iManage Control Center


To disable the Bulk Security Update capability:

In iManage Control Center, browse to Work Clients > Web ClientContext Menus. In the Context Menu Customization screen, remove the Edit user/group permissions menu item from both the Documents menu and the Emails menu. After saving your changes, users no longer can edit the security of multiple items.

To disable the Refile Service capability for document security updates:

In iManage Control Center, browse to Settings > Refile > select the target library > Security > Edit > set Refile Security to No > Next (no changes required) > Next (no changes required) > Finish.