Improvements that are included in the hotfix package
- This hotfix provides support for TCS "Access Restriction" Access Control List (ACL) features to Documentum users.
When SharePoint 2010 Indexing Connector for Documentum translates Documentum ACL to NT ACL, the TCS ACL "Access Restriction" access permission is recognized and translated. Therefore, in SharePoint search results, you cannot see documents on which you are assigned with "Access Restriction" access permission.
Note During the crawl process, "Required Group" access permission and "Required Group Set" access permission are not translated to NT ACL. - The TCS ACLs are extracted into SharePoint crawled properties.
In order to enable the security trimming solution, this hotfix extracts the following TCS ACLs into SharePoint crawled properties that correspond to the Documentum objects crawled.
| TCS ACL | Crawled Property | Content Format |
| Access Restriction | DocumentumACLDeny | DCTM User/Group\\ DCTM user/group\\DCTM user/group\\ |
| Required Group | DocumentumACLRqGroup | DCTM Group\\ DCTM group\\DCTM group\\ |
| Required Group Set | DocumentumACLRqGroupSet | DCTM Group\\ DCTM group\\DCTM group\\ |
- In the RTM version of Indexing Connector for Documentum, the Documentum standard ACL access permission is extracted into crawled property DocumentumACL.
- Extracting crawled properties for Docmentum ACLs are optional during the crawl process. If you want them to be crawled, an administrator should use the following command together with the command switch PersistDCTMACL in Documentum Connector:
Set-SPEnterpriseSearchDCTMConnectorConfig - The format that describes a Documentum user or group in these crawled properties is still kept same.
| Source | Format | Notes |
| User from "None" for "LDAP" | Source\U\UserLoginDomain\UserLoginName | "U" means user.
dm_owner(represents the owner of the document) will be translated to the real user ID.
dm_world(represents everyone) will be kept
|
| User from "Inline Password" | Source\U\RepositoryName\UserLoginName | "U" means user.
dm_world(represents everyone) will be kept. |
| Group | Source\G\RepositoryName\GroupName | "G" means group. |
- A special user permission "superuser" is available.
If a user is assigned for the "superuser" user permission, the user can see all objects in the repository. Additionally the "superuser" user permission overrides all the other standard ACL access permissions and TCS ACL access permissions.
Note
- The "superuser" user permission is added into the managed crawled property DocumentumACL for every crawled object. In DocumentumACL, the "superuser" is treated as a group. The format of the "superuser" is as following:
"Inline Password\G\RepositoryName\superuser"
- The indexing connector treats the "superuser" as a special group. For every crawled object, the "superuser" user permission is translated into NT ACL access permission according to the mapping that is specified in DCTMConfig.xml.
- In order to configure the indexing connector to map "superuser" user permission to a certain NT user account or a certain NT group account, an administrator should add the following code example under <Shared> element of theDCTMConfig.xml file that is located under the %Program Files%\Common Files\Microsoft Shared\Web Server Extensions\14\CONFIG\SearchConnectors\Documentum path.
<SuperuserMapping>DomainName\superusergroup</SuperuserMapping>
Hotfix information
A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing the problem described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.
If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.
Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft website: Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.Prerequisites
To install this hotfix, you must have SharePoint 2010 Indexing Connector for Documentum installed.
Restart requirement
You do not have to restart the computer after you apply this hotfix. However, you must restart the SharePoint search service before and after you apply the hotfix.
Hotfix replacement information
This hotfix does not replace a previously released hotfix.Registry information
To use one of the hotfixes in this package, you do not have to make any changes to the registry.File information
This hotfix may not contain all the files that you must have to fully update a product to the latest build. This hotfix contains only the files that you must have to correct the issues that are listed in this article.The global version of this hotfix package uses a Microsoft Windows Installer package to install the hotfix package. The dates and the times for these files are listed in Coordinated Universal Time (UTC) in the following table. When you view the file information, the date is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.Download information| File name | File version | File size | Date | Time | Platform |
| Searchdctm2010-kb2459111-fullfile-x64-glb.exe | 14.0.5130.5000 | 1,320,088 | 20-Nov-10 | 1:00 | x86 |
| File name | File version | File size | Date | Time | Platform |
| Searchdctm-x-none.msp | Not Applicable | 67,072 | 19-Nov-10 | 12:44 | Not Applicable |
After the hotfix is installed, the global version of this hotfix has the file attributes, or a later version of the file attributes, that are listed in the following table:
Searchdctm-x-none.msp
| File name | File version | File size | Date | Time | Platform |
| Documentum.dll | 14.0.5129.5000 | 153,456 | 2-Nov-10 | 15:02 | x86 |