Hi Naveen, There are three independent levels of acls in Active Directory: share, folder, and document. All three have to be considered in order to determine if a document is visible to a user. So you want (in share_acl and NOT in share_deny_acl) AND (in folder_acl and NOT in folder_deny_acl) AND (in doc_acl and NOT in doc_deny_acl) .
Karl On Wed, Sep 16, 2015 at 2:14 PM, Naveen.A.N <[email protected]> wrote: > I am not sure what is the proper way to filter the documents using ACL > tokens in Active Directory. > The document contains document allow tokens and document deny tokens. also, > I have the user tokens. Do we need to filter like "user tokens which are in > document allow and not in document deny" is that correct way of doing > filtering document for a user? > -- > Thanks and Regards, > Naveen A.N > Lead Software Developer > SearchBlox Software, Inc. > www.searchblox.com > Ph: +91 9445389179 >
