Skip to content

Windows Server Prerequisites

Make sure your system fits the descriptions below before starting the installation.

Backup Operator Privileges

The user configured in the permissions perquisites section must be a member of the local Backup Operator group of the file server. It eliminates the need to grant explicit permissions to the Data Access Security user to all the folders on the file server. By using the Backup Operator privilege, Data Access Security can crawl, collect permissions, and classify data even if the user does not have explicit permissions to the folder.

Permissions

Data Access Security requires different permissions based on the tasks that require those permissions. The user configured in the Application Configuration wizard must have the following permissions on the file server:

  • Share Read permissions to all shares on the file server
  • Member of the local Backup Operators group on the file server
  • Member of the local Administrators group on the file server

The following describes required permissions by each Data Access Security task:

  • Crawling - The user must have Share Read permissions to all the shares on the file server and be a member of the local Backup Operators group on the file server.
  • Permission Collection - The user must have Share Read permissions to all the shares on the server and be member of the local Backup Operators group on the server. The user must also be a member of the local Administrators group to read the Share Permissions and the local Users and Groups of the server.
  • Data Classification - The user must have Share Read permissions for all the shares on the server and be member of the local Backup Operators group on the server.

Communication Requirements

Requirement Source Destination Port
Permissions / Resource Collector and Data Classification Analysis Permissions and Resource Collector Virtual Appliance / Data Classification Server Virtual Appliance Monitored Server SMB (139, 445)

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.