-
Open the object that
you want to protect or make available.
-
On the
AuthorizationBasic tab, locate the user or group that you want to assign
an explicit control to. If the user or group is not listed, click
to open the
Add Identities window.
Note: An explicit grant of the
ReadMetadata permission is automatically set for each identity that
you add.
-
Click a cell and make
a selection from the drop-down list.
Note: If the selected identity
is unrestricted, all permissions are granted and you cannot make changes.
Note: When you click outside the
cell, the yellow diamond that indicates an explicit control is displayed
in the cell that you updated.
-
If you changed the access
for a group, review the impact on all of the listed identities.
Note: This is important because
controls that you add for a group can affect access for all members
of that group. For example, an explicit denial that you add for the
PUBLIC group blocks access for all restricted users, unless there
are also explicit (or direct ACT) grants. You must offset a broad
explicit denial with explicit (or direct ACT) grants for any restricted
identities whose access you want to preserve.
-
In the toolbar at the
top of the tab, click
.
Tip
It is easy to add explicit
grants and denials on each object that you want to protect or make
available. However, adding a large number of individual access controls
can make access control management unnecessarily cumbersome.