CA DataMinder supports the following administrative privileges:
Allows a user to search for user, group or machine accounts in the Administration console.
Allows a user to view dashboards in the iConsole.
Allows a user to edit the raw SQL search expression generated in the SQL tab when searching for administration data or captured data. Without this privilege, users can view but cannot edit the SQL tab. All administrators get this privilege automatically.
Important! Because this privilege permits users to write unrestricted SQL queries, we strongly recommend that it is granted to other user roles only when absolutely necessary.
Allows a user to acquire any new privilege added to CA DataMinder after an upgrade. Only the primary administrator and users with the administrator role get this privilege automatically.
Important! Because this privilege assigns potentially unknown privileges, we strongly recommend that it is granted to other users only when absolutely necessary.
Allows a user to bypass security restrictions and search for events outside of their management group. It also enables a user to search for events that are not associated with a CA DataMinder user. Only users with the administrator role get this privilege automatically.
Important! Because this privilege permits users to bypass security, we strongly recommend that it is granted to users only when absolutely necessary.
Allows a user to define audit status descriptions and customized user attributes.
Allows a user to add new user roles and to modify the default set of administrative privileges assigned to each user role.
Allows a user to install a license file on the CMS. The license file determines which policy modules are available in your CA DataMinder installation.
Allows a user to view or edit system files on the CMS using the System File Explorer. For example, users can install a new definition file for US Social Security numbers.
Allows a user to access the Administration tab in the iConsole. This tab enables users to manage searches and reports and to define custom iConsole configurations for user roles. For example, this privilege permits a user to install and publish a new search and to specify which user roles can run the new search. This privilege also allows a user to define the default layout for the home page.
Typically, only administrators have this privilege.
Allows a user to add, modify or remove security models. This also allows a user to set the database credentials for each security model (these are the database accounts that CA DataMinder uses to access the CMS database).
This privilege also lets users set the password for the database primary user (by default, WGNUSER).
Note: This privilege is not connected to the 'Users: Reset user passwords' privilege; see below.
Allows a user to log on with single sign-on, even if the CMS machine policy setting Allow single sign-on? is set to False.
Allows a user to set up registered content agents.
If a user has neither this privilege nor View content agents (see below), the Registered Content Agents branch is hidden from the user in the Administration console.
Note: This privilege does not affect an administrator's ability to configure Content Agent triggers.
Allows a user to view registered content agent details.
Note: This privilege does not affect an administrator's ability to configure Content Agent triggers.
Allows a user to change the audit status of an event without needing to view it. This also makes it possible to change the audit status of multiple events in a single operation.
Allows a user to view events without adding a Viewed Event entry to the audit trail. Other audit activities, such as changing an event status or forwarding a copy of the event via email will create an audit entry.
Allows a user to export events (to either a self-contained web site, or a Microsoft Personal Folder) without adding a Exported Event entry to the audit trail.
Allows a user to choose whether to view events without adding a Viewed Event entry to the audit trail. The user is prompted to choose when opening the first event of a new search and that choice stands for all events in the current search results. If the same search is rerun, the user is prompted again.
Note: For full access to auditing features in the Audit tab, the user also needs the Audit: Update audit trail privilege - see below.
Allows a user to update the audit trail for an individual event.
Allows a user to view, but not update, the audit trail for an individual event.
Allows a user to access multiple CA DataMinder user accounts.
Allows a user to search for captured web and email documents based on their text content. Content searches look for documents saved and indexed in a CA DataMinder content database. They are available in the iConsole and Data Management console.
Allows a user to download an event in its original format, such as MSG files for email message.
Allows a user to run the Event Import utility.
Allows a user to search for captured web, email and application data in the iConsole and Data Management console.
Allows a user to export search results to either a self-contained web site, or a Microsoft Personal Folder (PST file).
Allows an iConsole reviewer to run 'unlimited' event searches. That is, the iConsole will return all events that match the search criteria, disregarding any result limits defined in the registry.
Note: For this privilege to take effect, the iConsole must be configured for unlimited searches. For details, see the Platform Deployment Guide; search the index for 'iConsole: search results, configuring'.
Allows a reviewer to edit the expiry date and 'do not delete' flag for an event.
Allows a user to either release or reject an email from quarantine.
Allows a user to view captured data associated with any user in their management group. This privilege also allows users to use the Content Indexer utility (a necessary task before using content agents or running content searches).
Allows a user to view the expiry date and 'do not delete' flag for an event.
Allows a user to manage machine accounts in the Machine Administration screen.
Note: This privilege also permits users to suspend and resume machines.
Allows a user to access the Log Files screen.
Allows a user to view existing machine accounts in the Machine Administration screen.
Allows a user to view and edit any machine policy and any user policy that falls within their management group.
Allows a user to edit the machine policy for the CMS. If you clear this check box, access to the CMS policy is denied but users can still edit other machine policies.
Allows a user to replicate any policy changes down to client machines immediately. If a user does not have this privilege, any changes they make will replicate automatically at intervals defined in the CMS policy.
Allows a user to view any machine policy and any user policy that falls within their management group.
Allows a user to access the User Administration screen and manage accounts for any user in their management group.
Allows a user to set a new CA DataMinder password for another user without knowing their existing password.
Note: This privilege does not apply to database logon passwords. These are governed by the Admin: Manage Security Models privilege - see above.
Allows a user to access the User Administration screen and view accounts for any user in their management group.
|
Copyright © 2014 CA.
All rights reserved.
|
|