We are running DLP 11.1 and are trying to implement Discover. I am a DLP discover newb, so if I am missing something simple let me know!
Let me provide the scenario.
We have a file server (actually an EMC NAS) has has c:\shares\sharename (most shares are departmental).
Issue 1:
The administrator is complaining that adding a single account with the necessary permissions to each share will be a great deal of work. (We do have MANY shares). I am able to scan the root C:\ and access each folder that is a share. However, this shows all the data to be on \\servername\c:
I would like to be able to break this out in reports via share to attack the data in that manner. Then I could contact Dept1 about the data in their share, Dept2 about the data their share,etc. If I were able to scan by accessing the shares, I could do this.
Issue 2:
However, now he has presented me with another issue. His intent is to break all the department shares out like so:\\Servername\DeptShares (as the single share point). Then he will use folder permissions to limit access to each folder. Access based enumeration will be used to "hide" the inaccessible folders from users in order to avoid confusion.
So, even if I have share permissions setup on all our current shares, when the redesign takes place, I am right back where I started.
Should I just be doing this a different way?
Any and all suggestions are welcome!