https://community.esri.com/t5/arcgis-enterprise-ideas/securing-folders-services-by-roles/idi-p/933199 <HTML><HEAD></HEAD><BODY><P>By specfication and according to the following page, users who have Publisher's role have access to all services and folders within the ArcGIS Server site.</P><DIV style="margin-left: 40px;"><SPAN style="color: #4d4d4d; float: none; background-color: #ffffff;">"When a role has its role type set to Administrator or Publisher, members of that role will have implicit permission to access all services hosted on an ArcGIS Server site. This implicit permission cannot be overridden by changing the permissions on a service or folder. "</SPAN><BR /><A href="http://resources.arcgis.com/en/help/main/10.1/index.html#/na/0154000005qw000000/" target="_blank">http://resources.arcgis.com/en/help/main/10.1/index.html#/na/0154000005qw000000/</A></DIV><P><BR />That means, Publishers can stop or delete any services hosted on the site.<BR /><BR />For example, if one organization is using ArcGIS 10.1 for Server and wants to manage map services by departments, the OOTB ArcGIS Server does not have the capability to hide folders and services from publishers.<BR /><BR /><BR />Another exapmple:If I have the below configuration, both User A and B have access to both Service A and B.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; It'd be nice if User A can only see the Folder/Service A and not being able to from User B.<BR /><BR />ArcGIS Server site<BR />&nbsp;&nbsp; -Folder A<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -Service A<BR />&nbsp;&nbsp; ==&gt; Set&nbsp;permission as follows<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -Role A<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -User A(publisher)<BR /><BR />&nbsp;&nbsp; -Folder B<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -Service B<BR />&nbsp;&nbsp; ==&gt; Set permission as follows<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-Role A<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-User A(publisher)<BR /><BR /></P></BODY></HTML> Fri, 11 Jan 2013 04:35:44 GMT MasaakiABE 2013-01-11T04:35:44Z https://community.esri.com/t5/arcgis-enterprise-ideas/securing-folders-services-by-roles/idi-p/933199 <HTML><HEAD></HEAD><BODY><P>By specfication and according to the following page, users who have Publisher's role have access to all services and folders within the ArcGIS Server site.</P><DIV style="margin-left: 40px;"><SPAN style="color: #4d4d4d; float: none; background-color: #ffffff;">"When a role has its role type set to Administrator or Publisher, members of that role will have implicit permission to access all services hosted on an ArcGIS Server site. This implicit permission cannot be overridden by changing the permissions on a service or folder. "</SPAN><BR /><A href="http://resources.arcgis.com/en/help/main/10.1/index.html#/na/0154000005qw000000/" target="_blank">http://resources.arcgis.com/en/help/main/10.1/index.html#/na/0154000005qw000000/</A></DIV><P><BR />That means, Publishers can stop or delete any services hosted on the site.<BR /><BR />For example, if one organization is using ArcGIS 10.1 for Server and wants to manage map services by departments, the OOTB ArcGIS Server does not have the capability to hide folders and services from publishers.<BR /><BR /><BR />Another exapmple:If I have the below configuration, both User A and B have access to both Service A and B.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; It'd be nice if User A can only see the Folder/Service A and not being able to from User B.<BR /><BR />ArcGIS Server site<BR />&nbsp;&nbsp; -Folder A<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -Service A<BR />&nbsp;&nbsp; ==&gt; Set&nbsp;permission as follows<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -Role A<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -User A(publisher)<BR /><BR />&nbsp;&nbsp; -Folder B<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -Service B<BR />&nbsp;&nbsp; ==&gt; Set permission as follows<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-Role A<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-User A(publisher)<BR /><BR /></P></BODY></HTML> Fri, 11 Jan 2013 04:35:44 GMT https://community.esri.com/t5/arcgis-enterprise-ideas/securing-folders-services-by-roles/idi-p/933199 MasaakiABE 2013-01-11T04:35:44Z https://community.esri.com/t5/arcgis-enterprise-ideas/securing-folders-services-by-roles/idc-p/933200#M612 <HTML><HEAD></HEAD><BODY>mistake in the B part<BR /><BR />ArcGIS Server site<BR />-Folder A<BR />-Service A<BR />==&gt; Set permission as follows<BR />-Role A<BR />-User A(publisher)<BR /><BR />-Folder B<BR />-Service B<BR />==&gt; Set permission as follows<BR />-Role B<BR />-User B(publisher) <!-- content transformation source ID: 00aE00000027Yxy --> </BODY></HTML> Fri, 11 Jan 2013 04:37:01 GMT https://community.esri.com/t5/arcgis-enterprise-ideas/securing-folders-services-by-roles/idc-p/933200#M612 MasaakiABE 2013-01-11T04:37:01Z https://community.esri.com/t5/arcgis-enterprise-ideas/securing-folders-services-by-roles/idc-p/933201#M613 <HTML><HEAD></HEAD><BODY>I agree. Publishers should be limited to only add/del/mod their own services not globally like Admins. <!-- content transformation source ID: 00aE00000028g63 --> </BODY></HTML> Fri, 22 Feb 2013 21:21:04 GMT https://community.esri.com/t5/arcgis-enterprise-ideas/securing-folders-services-by-roles/idc-p/933201#M613 AndrewPratt 2013-02-22T21:21:04Z https://community.esri.com/t5/arcgis-enterprise-ideas/securing-folders-services-by-roles/idc-p/933202#M614 <HTML><HEAD></HEAD><BODY>Would make managing ArcGIS server sites accross lrage organisation much easier. <!-- content transformation source ID: 00aE00000029y9J --> </BODY></HTML> Wed, 24 Apr 2013 05:38:30 GMT https://community.esri.com/t5/arcgis-enterprise-ideas/securing-folders-services-by-roles/idc-p/933202#M614 StuartFletcher1 2013-04-24T05:38:30Z https://community.esri.com/t5/arcgis-enterprise-ideas/securing-folders-services-by-roles/idc-p/933203#M615 <HTML><HEAD></HEAD><BODY>Idea ..<BR />At a minimum<BR />A publisher could make his published service either Private or Public Authored.<BR />- Private Authored only permits the Publisher to alter his service.<BR />- Public Authored allows other Publishers to alter his service.&nbsp;<BR /><BR /><BR /> <!-- content transformation source ID: 00aE00000031LCB --> </BODY></HTML> Wed, 21 Aug 2013 00:25:22 GMT https://community.esri.com/t5/arcgis-enterprise-ideas/securing-folders-services-by-roles/idc-p/933203#M615 SeanTucker1 2013-08-21T00:25:22Z