Skip to content

Prerequisites for Unity

Make sure your system fits the descriptions below before starting the installation.

Permissions

Data Access Security requires different permissions, based on the tasks that require those permissions. The user configured in the Application configuration wizard must have the following permissions on the file server:

  • Share Read permissions to all shares on the file server
  • Ability to list shares
  • Member of the local Administrator group
  • Member of the local Backup Operators group on the file server

The following describes required permissions by each Data Access Security task:

  • Crawling - The user must have Share Read permissions to all the shares on the file server and be a member of the local Backup Operators group on the file server.
  • Permission Collection - The user must have Share Read permissions to all the shares on the server and be member of the local Backup Operators group on the server.
  • Data Classification - The user must have Share Read permissions for all the shares on the server and be member of the local Backup Operators group on the server.
  • Activity Monitoring - The user must have local Administrator permissions to access share information on the server.

Configuring the CEE Service

Note

Create an Activity Monitor virtual appliance cluster per CEE cluster.

  1. On every CEE server, open the registry and perform the following changes:

    [HKLM\Software\EMC\CEE\CEPP\Audit\Configuration]

    Endpoint=whitebox@<Data Access Security Activity Monitor server ip address>

    Enabled=1

  2. Restart the EMC CEE service.

Note

If multiple monitor servers exist, the list should look like: whitebox@ip, whitebox@ip, ...

Using Unisphere Management Interface

  1. Verify Event Publishing is enabled for your Unity application.
  2. For more information see Dell support documentation (https://[your unisphere location]/help/webhelp/en_US/unity_c_about_events_publishing.html).

Note

Replace "your unisphere location" with the IP of your Unisphere management interface.

Event Forwarding - Enter the uniform resource identifier (URI) where the CEE service is installed. The format of the entry is:

  http://[fully.qualified.domain.name/IP]:[port]/cee

  Example: http://172.17.40.251:12228/cee

Port - The default is 12228

Communication Requirements

Requirement Source Destination Port
Activity Monitoring Activity Monitoring Collector Unity server CIFS/SMB (445)
Activity Monitor CEE Activity Monitoring Virtual Appliance 13000

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.