Prerequisites
Make sure your system fits the descriptions below before starting the installation.
Software Requirements
File Access Manager requires the latest ASP.NET Core 6.0.x Hosting Bundle. This bundle consists of .NET Runtime and ASP .NET Core Runtime. You can download the latest 6.0.x Hosting Bundle version from here.
Active Directory DS Authentication
This connector requires identity-based authentication over Server Message Block (SMB) through on-premises Active Directory Domain Services (AD DS).
Permissions
File Access Manager requires different permissions, based on the tasks that require those permissions. The user configured in the Application configuration wizard must have the following permissions on the Azure Files storage:
- Read share-level RBAC permissions for the desirable shares.
- Read NTFS permissions to all folders on the share.
Why do we need this access?
In order to get the following information from the Azure Files Storage, File Access Management uses the SMB/CIFS protocol. This requires permissions both on the share level (Azure role-based access control - Azure RBAC) and on the directory level (New Technology File System - NTFS).
The following detailed explanation describes required permissions by each File Access Manager task:
- Crawling
- The user must have Read permissions to the requested shares and all its folders on the Azure Files storage.
- Permission Collection
- The user must have Read permissions to the requested shares and all its folders on the Azure Files storage.
- Data Classification
- The user must have Read permissions to the requested shares and all its folders on the Azure Files storage.
Communications Requirements
Requirement | Source | Destination | Port |
---|---|---|---|
File Access Manager Message Broker | Permission Collector / Data Classification Collector | RabbitMQ | 5671 |
Permissions Collector /Data Classification Analysis | Permissions Collector/Data Classification Server | Monitored Azure Files Storage | CIFS/SMB (139, 445) |
How to Use Proxy in a File Access Manager Environment
- ALL_PROXY
- The proxy server used on HTTP and/or HTTPS requests in case HTTP_PROXY and/or HTTPS_PROXY are not defined.
- Example:
10.10.10.10:8080
- NO_PROXY
- A comma-separated list of hostnames that should be excluded from proxying.
- Example:
SOME.DOMAIN.COM,LocalFAMServer1,LocalFAMServer2