EmpowerID allows you to add Windows Servers as a managed resource system for file share management, providing you with automated role-based access control, delegated permissions administration, and self-service workflow-based access requests for those shares with a full audit trail. Once a server has been added as a resource system, and the Management Agent Server is set to the EmpowerID Server running the EmpowerID Windows Agent, EmpowerID will continuously inventory and monitor the server to discover new shared folders as they appear and to detect all permissions changes against those objects. This provides complete visibility over what shared folder resources exist and who may access them and in what capacity.
This topic demonstrates how to add a Windows File Server to EmpowerID as a managed resource system and is divided into the following activities:
Before you can create add a Windows File Server to EmpowerID as a managed resource system, EmpowerID must first be connected to Active Directory. For the details, see Active Directory. Additionally, for EmpowerID to have the necessary NTFS permissions to create shared folders, you must associate the Windows Server Management Web Service job with a service account that is a domain user with admininstrator rights on the server hosting the shared folders. The password for that account must be vaulted in EmpowerID. For more details, see Configuring the EmpowerID Windows Server Agent Account. |
Toggle the Enable this Functionality button from a red sphere to a green check box.
For a conceptual overview of the principals involved with projection, enforcement and Resource Role Groups, see Overview of Projection and Enforcement. |
|
|