Article published on the 13th of September, 2023.
1. Security replication in WorkPoint 365 Version 4
Security Replication refers to manually triggered, and automated, jobs that replicate the configured security settings and permissions onto entities of the business module.
As mentioned, security replication jobs can be started manually. Additionally, if a user is added or removed from a group on the root site of the solution, or other permission changes on the root site, e.g., adding a new site collection administrator to the root site a site collection, a synchronization of permissions is automatically triggered. Lastly, if the meta data in a field on a business module, which relates to an activation condition or a dynamic audience of a security rule, a security replication job is also automatically run.
In version 4 of WorkPoint 365, it is possible to finely select the scopes and security objects to replicate. You can e.g. select to only replicate the Site Collection Administrators from the root site to one or more entities, or you can select to only replicate security settings for the Entity scope onto a specific scope.
In this article, we will cover how to access the Security Replication page of a business module and how to start a security replication job.
2. Accessing the Security Replication page
Be aware that Master Sites are not affected by security replication. Best practice is to remove all permissions from Master Sites, such that only administrators can see them.
Note that data inheritance fields do not trigger security replications.
To access the Security Replication settings, follows these steps:
- Access the WorkPoint 365 Administration Dashboard
- Click the header of the business module for which you wish to access the Security Replication settings
- Click “Security Replication” from the list
This opens the Security Replication page for the selected module (here the Projects module):
3. Configuring and running security replication
The interface for Security Replication is shown and described in the image below:
- In the WorkPoint Security Scopes section, you can select which scopes of the master site collection to replicate security. It is generally good practice to only select the scope(s) where you have made changes to permission setups, in order to optimize performance of the job. Note that the options in WorkPoint Security Scope is dependent on the architecture of the business module you are configuring. The image demonstrates the scopes for One entity per site collection modules. For modules using the Multiple entities per site collection architecture, you cannot select the "SharePoint Group", "Office 365 Group" or the "Sharing" options. The image demonstrates the settings for modules using the One entity per site collection architecture. On modules using the Multiple entities per site collection architecture, this entire section is not applicable and is therefore not shown.
- In the Site Collection Security section, you can select which security objects to replicate from the root site collection to the selected replication scope. The security replication will respect the security settings currently configured on the business module, i.e. they will not be overwritten. Note that the options in Site Collection Security is dependent on the architecture of the business module you are configuring. If you need to synchronize objects from the root site collection to bucket sites related to a Multiple sites per entity module, you can perform a Site Collection Synchronization.
- In the Replication Scope, you can select which entities on the module to replicate security onto. Dependent on your selection, you may need to provide more information. Here's an overview of the different replication scopes and their required information:
- No additional selection required
- The internal ID of the entity to be synchronized must be provided.
Start from entity
- The internal ID of the entity to begin the synchronization from. This entity and all subsequent entities will have security replicated onto them per your selections.
- A view from the business module must be selected. You can select between the currently configured views on the business module.
- A CAML query which selects the entities you want to replicate security onto must be provided in the CAML editor. You can write your own CAML query and use the "Validate" button to validate your query, or you can load a CAML query from a view on the business module by selecting a view and clicking the "Load CAML from View button.
- No additional selection required.
- In the Schedule section, you can select when to run the security replication. Dependent on your selection, additional information may be required:
- No additional information required. The job will run immediately upon clicking the "Replicate" button.
- A start Date and Time must be selected (UTC time). Once a start date and time has been selected, you can schedule the job by clicking the "Replicate" button. The job will run once the selected date and time comes around.
Note that you can find the internal ID of an entity by enabling the "ID" column on a view on the business module and note down the number in that column.
Security replication jobs which have been started using the "Run now" option can be tracked in the list on the Security Replication page:
Security jobs which have been started using the "Schedule" option can be viewed and canceled in the "Scheduled jobs" page in the WorkPoint 365 Administration:
Note that security replication jobs started in this way will appear with "RunOnce" in the "Frequency" column.
To cancel the job, click "Edit" and then click "Delete".