Data Loss Prevention

hi all, please help me on this.

we had two domains.

domain one and domain two; 

in Domain One : we had ENFORCE       ((( this DLP server already joined to domain one)

                                    Network monitor

                                    detection server

in Domain two, we plan to add another detection server.

question  is ::: we wanted to add  ADMINISTRATOR(domain admin of Domain two) through the ENForce console

is this possible??

thanks...

I don't think this will be configurable. 

If you want to use the credentials in the domain to log into DLP Enforce, you need to configure the Kerberos protocol.

I think you can configure only one domain to accept the Kerberos authentication from DLP Enforce.

Do you want administrator (domain 2) to be able to login to the console, or do you administator (domain 2) to be able to do things like discover scans on domain 2?

Hi.

 Do you want administrator (domain 2) to be able to login to the console? YES. how to do it?

if DLP server is join to domain One. is that possible??

in dlp console, I tried to add DOMAIN 2 in a domain list. but it cant log in.

and also tried it to log as an admin of domain one. but still cant log in. :)

so i reinstall the enforce all over again. 

Hello,

The Administrator account that can log into the DLP Console is NOT the same as Administrator Domain account. The Administrator account is built into to the DLP console and will not authenticate with the domain.

So there is no way to authenticate the Administrator account FROM ANY domain on the DLP console.

Hope this makes sense.

If this solves your questions please marked as solved.

Ronak

ok, as i see in console you can activate the authentication in any domain.

please see attachement