Considerations when using the Refile Service for security updates
iManage supports security updates for documents, emails, workspaces, and folders through the Bulk Security Update and Refile Service capabilities. While these capabilities can be enabled at the same time, we recommend enabling either Bulk Security Update or the security updates capability of the Refile Service based on the outcome your organization is trying to achieve.
Enabling both Bulk Security Update and Refile Service may cause security changes made by the user through Bulk Security Updates to be overwritten by the Refile Service, and the other way around. Bulk Security Updates may also trigger Refile Service events, which result in:
An increased queue size for Refile Service, and
Unnecessary reprocessing of workspaces by Refile Service.
For example—users could use the Bulk Security Update capability to select three separate documents and apply new security to these documents. When Refile Service is also enabled, the Refile Service detects that the security on these documents doesn't match the security of the parent folders, and updates the security again, thereby removing the change that the users applied.
The following table provides a detailed explanation on how security updates work using Refile Service versus Bulk Security Update.
Table: Refile Service versus Bulk Security Update
Bulk Security Update | Refile Service | |
---|---|---|
Security update initiated by | Users | Event-driven Service. |
Security updates performed by | Users on files or containers that they have Full Access to. | Refile Service account must be run with an administrative account (a member of the NRTAdmin group) to allow security updates to all content within the library. |
Security changes tracked in the audit | As the security update is triggered by end-users, the changes are only applied to documents and/or folders that they have full access to and are logged as security updates performed by the user in the documents audit trail. | Security updates are done by the Refile Service account, which updates the security for all the files. |
Security rules | Users have granular control and can select options at the beginning of the bulk operation. Options provided:
| Admins decide how to apply security by configuring Refile settings in Control Center. For more information, see Configuring Refile. |
Security and metadata changes | Only updates the security of the selected files or folders. | Can be configured to update metadata, security, or both. |
Number of files impacted by a security change | Only the security of the documents selected by the user (maximum of up to 5000) or security of the contents of a folder or workspace can be updated. | Applies to all the files within a folder. |
Objects impacted (files/folders/workspaces) | Security updates can be initiated at the workspace, folder, or individual document level. | Since this is event-driven, a security update at the workspace impacts all the folders and files within the workspace. |
Notifications | Users are provided with a report at the end of the process with success, skips, or all the items that were part of the security update. | No notifications are available to users. |
Reference links for more information |
NOTE:
To disable the Bulk Security Update capability:
In iManage Control Center, browse to Work Clients > Web Client > Settings > Features. Set Allow users to perform bulk security updates to Yes and select Save.
To disable the Refile Service capability for document security updates:
In iManage Control Center, browse to Settings > Refile > select the target library > Security > Edit > set Refile Security to No > Next (no changes required) > Next (no changes required) > Finish.