Video Screencast Help

How to let users login by AD and check their incidents?

Created: 17 Mar 2013 • Updated: 11 Aug 2014 | 3 comments
Rexlin's picture
This issue has been solved. See solution.

My customer want DLP Enforce can let domain users login by Active Directory Authentication and check himself/herself incidents like some antispam device interface, it it possible? I have an idea to make a role for domain users, but how to config "Incident Access" condition to make users only can see himself/herself incidents?

Operating Systems:

Comments 3 CommentsJump to latest comment

pete_4u2002's picture

its in the role, you can define what all incidents that role can view.

stephane.fichet's picture

Hi rexlin,

 

 dont think it is possible as you cannot use dynamic parameters (like login name, or group membership,...) in role definition. So you will have to define one role per user (oumf...).

 First time i heard about this kind of wish for a customer. What will happen if it is a real data leakage ? if you need to perform awareness using the tool, i think it is better to use endpoint popup each time you detect something. But "customer is our king" and if he want to have this functionality you have to do give him. What you can use instead it is an email send to them to inform that they violate a policy and give some information using dynamic notification parameters.

 

regards.

Jsneed's picture

You can use the symantec workflow engine (which is free for enterprise customers) to do this.  Check out this forum post and video.

https://www-secure.symantec.com/connect/videos/wan...

 

SOLUTION