DT Server User right "download" ignored with PDF


We are using DT Server Edition (3.7.2) and try to allow our employees to read in our library. Therefore, we set a user which is only allowed to read documents in the User right settings.

At the server “website” it is no problem to download all PDF-files over the PDF-reader download button.

We restarted DT and the server several times, but that didn´t work.

Is this a bug or do we maybe miss something?

Hi and welcome to the forum. In the title of your post you mention “delete” but don’t reference deleting in your post; as such, I’m not sure what problem you are describing. Could you please elaborate?

Thank you for your friendly words! Here is a screenshot

The permissions affect only features controlled by the server & web interface but according to your screenshot the PDF document is handled by the Adobe Acrobat plug-in which provides the download option on its own.

And to build on @cgrunenberg’s comments, the PDF viewer used in Safari will similarly have a download control…

Okay I see, there is no way to stop employees from downloading copyrighted PDF´s. As far as I can see we will need to protect all 5000 PDF´s with a password from printing out and copy contents or sharing it with others.

Yeah, there doesn’t appear to be any control over this particular case.

That only works if the PDF viewer you (or more to the point, the user) use actually honours those settings. Not all do. Quite apart from which, screenshots and OCR mean you can copy and print whatever is displayed on the screen.


I fully agree what you say, I don´t mind if an employee, make some screenshots and OCR it. But I really like to prevent us from finding some or all 5000 PDF´s with our watermark all over the internet.

Whilst I understand the intention, I don’t think you can. If the user can use software to download and display a PDF, then the file is theirs. Print and copy privileges are acknowledged by Acrobat, for example, but not by all software. You could password protect the file itself (encrypting it, that is), but as every employee would have to have access to the password, that would hardly help. If you actually need to protect these documents, IMO you need a dedicated system for doing so - one which watermarks the PDF visibly and invisibly per download and/or user. Or a system which displays the contents of the file within a protected environment (no such thing, but you can certainly make it a pain in the ass to download the file if it is displayed page for page in a viewer). Or a system which doesn’t serve PDFs at all, but provides the text.


As @Blanc suggested: watermark the PDFs not only with the company’s logo or name or whatever, but with the name of the user when they download it. That’s what e.g. the German IT publisher Heise does with their PDFs. It does of course not prevent copying, but it makes giving away the copies a lot more risky. Especially, since PDFs are programs, so a personalization can be hidden whereever and would be very difficult to remove.

Alternatively, generate private/public keys for your users and encrypt the PDF with the user’s public key. Then only they can decrypt it with their private key.

However, the more you get on the nerves of the people who want to use the PDFs (and most probably not steal them) the more you incentivise them to actually circumvent your protections to simply do what they are supposed to do.

That does not help against copyright violations, though. The copyright is with the text, not its representation, I think.