Skip to main content

Network resource management software components

Bravura Identity manages different types of resources using connectors and programs shipped with Connector Pack in the agent directory:

  • The nrcifs program binds managed group to a specific resource whose access is mediated by membership in a group on an Active Directory DN target system. These resources include shares, folders, printers, and mail distribution lists.

  • The nrshrpt program binds managed group to a specific resource managed by a SharePoint Resource target system. SharePoint resources include sites and documents.

Bravura Identity requires network resource management programs to:

  • List network resources

  • List permissions for each network resource

  • List the owners of a network resource

  • Add or delete owners for a network resource

  • List the ACLs on a directory or share

The Bravura Identity network resource management feature works with the following web modules and services:

Program

Purpose

View and update profile (IDR) module

Empowers users to request access to resources.

Help users (IDA) module

Allows help desk users to make changes to users’ access.

Requests app

Enables users to view the status of their requests.

Workflow Manager Service

Receives requests for authorization workflow.

Process for gaining access to a Windows shared folder

In general, the process for gaining access to a Windows shared folder is as follows:

  1. A Network Administrator creates a shared folder on the target system.

  2. A Network Administrator grants permissions, using groups, to control access to the shared folder.

  3. A target system is configured to manage network resources.

  4. A user (requester) logs into the Bravura Security Fabric web application and selects the network resources link.

    Bravura Security Fabric displays a search page.

  5. The user selects the share that he wants to view.

    The nrcifs program gathers initial information about the share and displays a tree view of the folders in the selected share.

  6. The user browses for and selects a folder where access is desired.

    The nrcifs program gathers additional information about the share and displays a list of groups that have privileges on the share as well as the groups’ owners and read / write privileges.

  7. The user selects a group to join and submits the request.

    Bravura Security Fabric enters the request into the authorization workflow.

  8. The Workflow Manager Service routes the request to the selected group owner for authorization.

  9. After authorization is complete the Transaction Monitor Service runs a connector program that adds the user to the selected group on the target system.

When users are granted membership in a group they are granted access to all the resources that the group has permission to access. Likewise, taking away users’ access to a particular resource results in the users losing their membership in the group that was providing the access, and losing access to all the resources the group has permission to access.

Shell Extension for slow or distant topologies

The Shell Extension provides an alternative method of managing network resources. It works in conjunction with Bravura Identity to allow efficient access to protected network resources. It is recommended for implementations where the network infrastructure is non-simplistic or there are shares located far away from Bravura Security Fabric .

Once installed, the Shell Extension is embedded into the operating system. Instead of logging into Bravura Identity , requesting access is as simple as a right-click or double click on the protected resource.

In this section: