Skip to content

Prerequisites

Make sure your system fits the descriptions below before starting the installation.

Software Requirements

File Access Manager requires the latest ASP.NET Core 6.0.x Hosting Bundle. This bundle consists of .NET Runtime and ASP .NET Core Runtime. You can download the latest 6.0.x Hosting Bundle version from here.

Backup Operator Privileges

The user configured in the permissions perquisites section must be a member of the local Backup Operator group of the file server. It eliminates the need to grant explicit permissions to the File Access Manager user to all the folders on the file server. By using the Backup Operator privilege, File Access Manager can crawl, collect permissions, and classify data even if the user does not have explicit permissions to the folder.

Permissions

File Access Manager requires different permissions, based on the tasks that require those permissions. The user configured in the Application configuration wizard must have the following permissions on the file server:

  • Share Read permissions to all shares on the file server
  • Full Control permission for each normalized folder
  • Member of the local Backup Operators group on the file server
  • Member of the local Administrators group on the file server

Why do we need this access?

The following detailed explanation describes required permissions by each File Access Manager task:

Activity Monitoring

  • No special permission is required, since the Activity Monitor service runs locally on the monitored service with Local System privileges.

Crawling

  • The user must have Share Read permissions to all the shares on the file server.
  • The user must be a member of the local Backup Operators group on the file server.

Permission Collection

  • The user must have Share Read permissions to all the shares on the server.
  • The user must be member of the local Backup Operators group on the server.
  • The user must be a member of the local Administrators group to read the Share Permissions, and the local Users and Groups of the server.

Access Fulfillment

  • The user must have Full Control permission on the normalized folders to be able to set the permissions.

Data Classification

  • The user must have Share Read permissions for all the shares on the server.
  • The user must be member of the local Backup Operators group on the server.

Communications Requirements

Requirement Source Destination Port
File Access Manager Message Broker Permissions Collector/Data Classification Collector RabbitMQ 5671
File Access Manager Access Activity Monitor File Access Manager Servers 8000-8008
Permissions Collector & Data Classification Analysis Permissions Collector/Data Classification Server Monitored server CIFS/SMB (139, 445)