Before you enable the Data Warehouse, you may need to specify the Unrestricted Search User database account. This database account corresponds to the 'Unrestricted' security model. CA DLP consoles and external reporting tools can use this database account when searching the CA DLP Data Warehouse and CMS database for events. Unlike normal Search User database accounts, the Unrestricted Search User is not subject to row level security (RLS) when searching the database. If a reviewer has 'Unrestricted' security model, the reviewer can see any events when they run a search or report. Search results or reports are not restricted by policy class or the reviewer’s management group.
To specify an existing Unrestricted Search User
From a command prompt in the \system subfolder of the CA DLP installation folder on the CMS, run the following command:
wgninfra -localexec wigan/schema/Schema SetUser Unrestricted <Username> <Password>
Where <Username> and <Password> specify the username and password for the database account.
To create and specify the Unrestricted Search User
If this database account does not already exist, you must create it. If required, you can run a variation of the previous command to create a new database account and set this account to be the Unrestricted Search User.
From a command prompt in the \system subfolder of the CA DLP installation folder on the CMS, run the following command:
wgninfra -localexec wigan/schema/Schema SetUser Unrestricted <Username> <Password> [Create <dbAdminUsername>]
Where <dbAdminUserName> specifies a Database Administrator User that CA DLP can use to log in to SQL Server or Oracle to create the new Unrestricted Search User.
|
Copyright © 2012 CA.
All rights reserved.
|
|