Setting up network resource management
In order to implement network resource management using Bravura Identity :
Prepare the resource on the external target system.
See Prepare resources on target systems for more information.
Add the target system that mediates access to the resource.
Set the Managed group/Network resource target system type option to the appropriate value.
See Configure target systems for network resource management for more information.
Add the network resource to Bravura Identity .
See Add network resources for more information.
Manage groups to define owners of network resources.
You can manually select which groups you want managed, or allow Bravura Identity to select them for you.
See Groups for more information.
Configure additional features and settings.
See Network management resource options for more information.
Prepare resources on target systems
All shared resources to which users are going to request access must be correctly configured on the target system. Bravura Security Fabric ’s ability to successfully control access to the resources depends heavily on how the resources are configured on the target system.
Some thought must be given to planning how many groups need to be created and what resources they will have permission to access, so that adding or removing a user’s membership in a group provides them with the exact access to network resources that they need. To provide access to resources on a resource-by-resource basis, you need to create a group for each resource.
In general, you must do the following:
Create groups with appropriate permissions to control access to the resources that are going to be managed by Bravura Security Fabric .
Ensure that each group has an owner (recommended).
Bravura Security Fabric can use group owners as authorizers for requests to join the group.
Ensure that all resources to be managed have the correct groups assigned to them.
For details refer to Connector Pack documentation:
Setting up network resources for Active Directory DN
Setting up network resources for Sharepoint Server
Configure target systems for network resource management
Configure target systems that support network resource management in Bravura Security Fabric .
Active Directory DN
For a resource whose access is mediated by membership in Active Directory DN groups, ensure that the target system is configured as follows:
Setting | Value |
|---|---|
Target type | Active Directory DN |
Manage group / Network resource target system type | SMB Protocol for Active Directory DN |
Target address | For a share / folder, this is the domain where the share is published. You set the path to individual shares when you add resources. For a printer, this is the print server or domain where printers are published. For a mail distribution list, this is the domain where distribution groups are stored. |
See Targeting Active Directory DN in the Connector Pack documentation for details on setting up Active Directory for network resource management.
SharePoint
For a resource whose access is mediated by membership in SharePoint resources, ensure that the target system is configured as follows:
Setting | Value |
|---|---|
Target type | SharePointServer |
Manage group / Network resource target system type | SharePointResource |
Target address | Main URL of the site, followed by a colon, then the port number, a slash, and the site name. For example: http://sharepoint1:2427/site1/site2/ |
See Targeting the SharePoint server in the Connector Pack documentation for further details on setting up a Sharepoint target system for network resource management.