Permissions

File Access Manager requires different permissions, based on the tasks that require those permissions. The user configured in the Application configuration wizard must have the following permissions on the file server:

Share Read permissions to all shares on the file server
Full Control permission for each normalized folder
Member of the local Backup Operators group on the file server
Member of the local Administrators group on the file server

Why do we need this access?

The following detailed explanation describes required permissions by each File Access Manager task:

Activity Monitoring

No special permission is required, since the Activity Monitor service runs locally on the monitored service with Local System privileges.

Crawling

The user must have Share Read permissions to all the shares on the file server.

The user must be a member of the local Backup Operators group on the file server.

Permission Collection

The user must have Share Read permissions to all the shares on the server.

The user must be member of the local Backup Operators group on the server.

The user must be a member of the local Administrators group to read the Share Permissions, and the local Users and Groups of the server.

Access Fulfillment

The user must have Full Control permission on the normalized folders to be able to set the permissions.

Data Classification

The user must have Share Read permissions for all the shares on the server.

The user must be member of the local Backup Operators group on the server.


	You are here: