Issue: Currently the Member Hierarchy permissions will not become effective in our production environment. However, QA and DEV environments cannot replicate the issue.

Description:

On the Hierarchy Members screen, we assign read-only to one member and deny to the other.

The Entity is set to read-only for user.

When looking at the user only screen for the hierarchy membership - the read-only and deny permissions are shown. However, effective shows read-only for both AND an "*". If you hover over the members on this screen it shows  "Read-only (inherited).

In QA - the effective screen reflects the hierarchy membership permissions set under the user only screen.

Troubleshooting steps taken:

1. Validated that SQL Service account in Production environment has sysadmin access. The Service account actually didn't have the sysadmin access when I check originally. I added this and restarted SQL. However, the problem was not solved.

2. This issue is occurring for multiple users in the production environment. I cannot replicate it in QA.

3. After assigning all of the permissions I am using the recommended sp as directed in the immediately apply membership permissions write-up on technet

4. I have validated that the Service Broker is enabled and an Endpoint is present in the production environment.

EXEC   [mdm].[udpSecurityMemberProcessRebuildModel] @Model_ID = MODELID, @ProcessNow = 1;

• Edited by ATMilner 9 hours 2 minutes ago

Can you check if the user belongs to a group and that group has read-only permission on the nodes in the same hierarchy?

• Edited by Vincent Chen (X)Moderator 5 hours 18 minutes ago