Hi All,
As part of the reporting program, we have implemented nearly 100 reports into Production. To apply security, we have created folders and sub-folders in BO XIR3 and given access to specific AD groups only.
This security option is working fine when a user traverses into his folders and sub-folders. However, when he searches for report, the BO search functionality is exposing the reports being searched across all the folders and even worse, the user could run the reports from those folders through the link presented by the search functionality.
This has become a major security problem where few reports are finance related and has to be viewed only by finance team where as the teams from other part of the world could see these reports by performing a SEARCH.
Is there any admin level setting by which I can control the search to specific folders based on his access levels.
To clarify, the search returns these other reports, but are your users able to run those reports, even though they have no explicit rights on it? I would expect to see a “no rights” message.
Have you tried in CMC under Applications -> Content Search to see if there are any restrictions? Apologies…i do not have a direct answer, so i can oly hint at certain options i would explore.
If the reports have explicit rights set on them, this may over-ride the Folder rights; users may not see the Folder (as they do not have rights to) but when searching they will see the reports as ostensibly they still have access to them. Just an idea.