Shared Folders Page

Owned by Phillip Hanegan
Feb 29, 2024
7 min read

Users can access the Shared Folders page within Resource Admin by selecting 'Shared Folders' from the Resource Type menu. This page is structured to facilitate efficient management of shared folders. It offers various tabs, views, and controls that enable users to interact with, create, and update shared folders.

 

Features Available on the Shared Folders Page

Upon navigating to the Shared Folders page, users have the capability to search for specific shared folders based on defined criteria and manage these groups as necessary.

Searching for Shared Folders

Every object in the EmpowerID Identity Warehouse, including shared folders, is equipped with a 'SearchTerms' property. This property contains a set of search values specifically designed to retrieve objects matching those values. For shared folders, 'SearchTerms' encompasses the following attributes:

  • Name

  • FriendlyName

  • LocalPath

  • UNCPath

When a search value is input, the API searches these attributes and returns all shared folders where the value matches a substring in any of these properties. For example, entering “fi” as a search value will retrieve any shared folders with a match in any of these attributes.

 

Shared Folders Search Filters

When 'Shared Folders' is selected as the resource type, an API call fetches all accessible shared folder records for the user. To assist in navigating through potentially large volumes of records, Resource Admin offers a variety of search filters:

Filter

Description

Filter

Description

Owned By

 

Lists shared folders based on ownership, with options including:

  • Anybody: Displays all shared folders.

  • Myself: Shows only folders owned by the user.

  • Someone Else: Lists folders owned by a specified individual.

The visibility of the 'Owned By' filter depends on the user's role assignment.

UNC Path

 

Filters shared folders based on the specified UNC path.

 

Advanced Search

 

Enables further refinement of the search for shared folders. Users can filter based on one or more of the following attributes:

  • Name

  • Computer

  • DNS Host Name

  • Description

Interacting with Shared Folders

In the Resource Admin system, each shared folder is associated with a dedicated record that provides key information for user interaction. To delve into more detailed aspects of a shared folder, users can click on the 'Details' link within each record. This action opens a Details view that is specifically configured for the selected shared folder.

The Details view hosts various tabs, each designed to offer comprehensive insights and management options for the shared folder. These tabs enable users to perform a range of tasks, including modifying folder attributes and controlling access permissions.

Furthermore, every shared folder record includes a contextual workflow button marked by a gear icon. Users with appropriate access rights can use this button to initiate the 'Delete Shared Folder' workflow.

 

 

Clicking the 'Details' button for a shared folder directs users to the Overview page. This page offers comprehensive information about the folder, with navigable tabs designed for managing different aspects of the folder, including its configuration, associated tasks, and user assignments.

 


IAM Shop Assignments

The 'IAM Shop Assignments' tab is tailored for the management of IAM Shop Assignments specifically associated with shared folders. It is designed to enable users who have the necessary access to efficiently manage these assignments.

Functionalities provided in this tab include:

  • View Current IAM Shop Assignments: Users have the ability to view a comprehensive list of all IAM Shop Assignments currently linked to the shared folder. This feature allows for an overview of who has what level of access.

  • Add New IAM Shop Assignments: Within this functionality, users can assign new IAM Shop Assignments to the shared folder. This involves selecting an appropriate IAM Shop Permission Level and adding accounts that require access. This feature is crucial for adapting the folder's access structure to changing needs or roles.

  • Remove Current IAM Shop Assignments: This option allows users to revoke existing IAM Shop Assignments from accounts associated with the shared folder. It is an essential tool for maintaining current and appropriate access levels, especially in response to changing organizational structures or security policies.

 

IAM Shop Assignees

The 'IAM Shop Assignees' tab is specifically designed for managing individuals or entities (assignees) who are granted access to shared folders through IAM Shop Assignments. This tab is intended for users with appropriate access to manage these assignees efficiently.

Functionalities available in this tab include:

  • View Current IAM Shop Assignees: Users can view a detailed list of all individuals and entities currently assigned to the shared folder via IAM Shop Assignments. This provides an overview of current access levels, detailing who has access and the specific permissions granted.

  • Add New IAM Shop Assignees: This feature enables users to assign new IAM Shop Assignees to the shared folder. It involves selecting a suitable IAM Shop Permission Level and choosing the type of assignee – whether a Group, Management Role, Management Role Definition, or Query-Based Collection – followed by specifying the particular resource within the chosen category. This process is key to granting access to new users or entities based on current needs or changes within the organization.

  • Remove Current IAM Shop Assignments: Through this option, users can revoke access from existing IAM Shop Assignees associated with the shared folder. Removing an assignee effectively withdraws their access as defined by the IAM Shop Permission Level, ensuring that access rights remain aligned with organizational requirements and security protocols.

 

 

 

RBAC Assignments to Folder

The 'RBAC Assignments to Folder' tab grants users the ability to view and manage the RBAC access assignments granted to the folder.

Functionalities available to users with delegated access in this tab include:

  • Viewing Detailed Information About Existing RBAC Access Assignments: Users can view the details of all RBAC access assignments that are currently linked to the folder.

  • Deleting Current RBAC Access Assignments from the Shared Folder: This feature enables users to remove any existing RBAC access assignments from the folder. It's an important function for maintaining the folder's security and ensuring that access rights are up-to-date and aligned with current organizational needs or security policies.

 

 

Access Managers (RBAC Owners)

The 'Access Managers (RBAC Owners)' tab grants users with the appropriate access the ability to manage access managers for the selected shared folder. This tab is crucial for assigning and maintaining control over who manages access to the folder.

Functionalities available to users in this tab include:

  • Viewing Current Access Managers: This feature allows users to see a list of all current access managers (RBAC owners) assigned to the shared folder. It provides an overview of individuals responsible for managing access to the folder.

  • Adding New Access Managers: Users can use this functionality to assign new access managers to the shared folder. This involves selecting individuals who will be granted the authority to manage access rights, ensuring that folder security and access control are appropriately handled.

  • Deleting Existing Access Managers: This option enables users to remove current access managers from the shared folder. Removing an access manager is a key function for revising or updating the management of folder access, especially in response to changes in team structure or security requirements.

 

 

Direct Assigned Locations

The 'Direct Assigned Locations' tab grants users with the appropriate access the ability to manage the direct assigned locations of the selected shared folder.

Functionalities available to users in this tab include:

  • Viewing Current Direct Assigned Locations: This feature enables users to view a list of all locations currently assigned directly to the shared folder.

  • Adding New Direct Assigned Locations: Users can use this functionality to assign new locations to the shared folder.

  • Deleting Existing Direct Assigned Locations: This option allows users to remove currently assigned locations from the shared folder.

 

 

Access Request Policy

The 'Access Request Policy' tab grants users with the appropriate access the ability to view and manage the Access Request Policy used to manage the approval flow that occurs when eligible users request access to the shared folder in the IAM Shop.

Functionalities available to users in this tab include:

  • Viewing the Current Access Request Policy: Users can review the existing policy that dictates the approval flow for access requests. This feature is essential for understanding the current criteria and steps involved in granting access to the shared folder.

  • Changing the Current Access Request Policy: This functionality allows users to modify the existing Access Request Policy. Adjustments can be made to update the approval process, ensuring that it remains efficient and consistent with evolving organizational requirements or security standards.

 

 

Shared Folders Workflows Page

On the Shared Folders Workflows Page, authorized users can access several workflows specifically designed for managing shared folders. This page acts as a centralized hub for these workflows, streamlining the process of locating and initiating various tasks.