Access Fulfillment
The Access Fulfillment module assists organizations in managing permissions automatically on managed business resources (BRs).
The main steps of the access fulfillment process are:
-
A user initiates an access request to receive permissions to a BR.
-
The administrator assigned the relevant approval tasks to all required reviewers.
-
All required reviewers review and approve or deny the access request.
-
File Access Manager automatically fulfills the access request through the relevant Identity Collectors and the Collector Synchronizer service.
See section Review Process for further information about the review process as it affects Access Fulfillment.
Fulfillment for Managed and Unmanaged BRs
Access fulfillment can be initiated by a user’s access request, or as the outcome of a campaign, whereby the systems recommends revoking a user’s access permission.
There are several methods for access fulfillment:
- Automatic fulfillment using File Access Manager functions. This process works on managed BRs -BRs that underwent a normalization process, as described in the sections below.
- Automatic fulfillment using a customer supplied script. This process works on unmanaged BRs only.
- Manual fulfillment - the user responsible for the fulfillment will receive a fulfillment task.
- The type of fulfillment is determined by the business resource type, and the setting of the Fulfillment type.
| Fulfillment field | Managed BRs | Unmanaged BRs |
|---|---|---|
| None | No action | No action |
| Fulfill Access Request / Manual Fulfillment Review Process | Fulfillment processed automatically by the system | Manual fulfillment process. The user performing the fulfillment must mark the task as done. |
| Execute Custom Script | Fulfillment processed automatically by the system | Fulfillment processed automatically, calling the custom script for each BR. |
Supported Applications
The system supports Access fulfillment for the following applications:
| Target System | Products and Supported Versions |
|---|---|
| Base Product | Microsoft Active Directory |
| On-premises File Storage | Microsoft Windows |
| Microsoft SharePoint | |
| NAS File Storage | NetApp for CIFS |
| EMC Celerra/VNX/Unity for CIFS | |
| EMC Isilon for CIFS | |
| Hitachi HNAS | |
| DFS for CIFS |
