Symantec IGA

Hello everyone, I am currently implementing identity governance and I want to know if it is possible to adjust user access to the governance interface, that is, restrict views, access to modules or be able to create query-only users. I would appreciate it very much since I do not understand much about this access issue in this application.

There are a few OOTB roles that can grant to specific users to give them extra access other than the default role that everyone gets by default.  The OOTB "Compliance officer Role" is an example.  I usually create a role called "Auditor" which gives access to the dashboard and reports menus, which are read-only by nature.  This custom role gives more access than the role everyone gets by default, but less access than the OOTB "Compliance Officer Role".  

In the documentation, there is a chapter titled "Permissions" which covers this topic in detail.

------------------------------
[JobTitle]
[CompanyName]
[State]
------------------------------

Original Message:
Sent: Oct 10, 2022 10:54 AM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hello everyone, I am currently implementing identity governance and I want to know if it is possible to adjust user access to the governance interface, that is, restrict views, access to modules or be able to create query-only users. I would appreciate it very much since I do not understand much about this access issue in this application.

Hi Ricky,

As I explained in the last post, I don't know much, can you tell me if the configuration or creation of the role is directly in Governance or Identity Manager, can you refer to the document please.
Thanks for your help.
Original Message:
Sent: Oct 11, 2022 09:57 AM
From: Ricky Gloden
Subject: restrictions on modules or profile only query Identity Governance

There are a few OOTB roles that can grant to specific users to give them extra access other than the default role that everyone gets by default.  The OOTB "Compliance officer Role" is an example.  I usually create a role called "Auditor" which gives access to the dashboard and reports menus, which are read-only by nature.  This custom role gives more access than the role everyone gets by default, but less access than the OOTB "Compliance Officer Role".

In the documentation, there is a chapter titled "Permissions" which covers this topic in detail.

------------------------------
[JobTitle]
[CompanyName]
[State]

Original Message:
Sent: Oct 10, 2022 10:54 AM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hello everyone, I am currently implementing identity governance and I want to know if it is possible to adjust user access to the governance interface, that is, restrict views, access to modules or be able to create query-only users. I would appreciate it very much since I do not understand much about this access issue in this application.

Hi Wilson,

Thus comes down to a special cfg configuration: Eurekify.cfg 
You can read from the manual looking for this file, or in pages like techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-governance/14-4/configuring/permissions/resources-in-the-permissions-configuration.html

I hope it helps,
Original Message:
Sent: Oct 11, 2022 03:53 PM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hi Ricky,

As I explained in the last post, I don't know much, can you tell me if the configuration or creation of the role is directly in Governance or Identity Manager, can you refer to the document please.
Thanks for your help.
Original Message:
Sent: Oct 11, 2022 09:57 AM
From: Ricky Gloden
Subject: restrictions on modules or profile only query Identity Governance

There are a few OOTB roles that can grant to specific users to give them extra access other than the default role that everyone gets by default.  The OOTB "Compliance officer Role" is an example.  I usually create a role called "Auditor" which gives access to the dashboard and reports menus, which are read-only by nature.  This custom role gives more access than the role everyone gets by default, but less access than the OOTB "Compliance Officer Role".

In the documentation, there is a chapter titled "Permissions" which covers this topic in detail.

------------------------------
[JobTitle]
[CompanyName]
[State]

Original Message:
Sent: Oct 10, 2022 10:54 AM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hello everyone, I am currently implementing identity governance and I want to know if it is possible to adjust user access to the governance interface, that is, restrict views, access to modules or be able to create query-only users. I would appreciate it very much since I do not understand much about this access issue in this application.

Hello Eduard, thank so much for the information, i apply the procedure.
Original Message:
Sent: Oct 14, 2022 02:50 AM
From: Eduard Palomeras
Subject: restrictions on modules or profile only query Identity Governance

Hi Wilson,

Thus comes down to a special cfg configuration: Eurekify.cfg
You can read from the manual looking for this file, or in pages like techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-governance/14-4/configuring/permissions/resources-in-the-permissions-configuration.html

I hope it helps,
Original Message:
Sent: Oct 11, 2022 03:53 PM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hi Ricky,

As I explained in the last post, I don't know much, can you tell me if the configuration or creation of the role is directly in Governance or Identity Manager, can you refer to the document please.
Thanks for your help.
Original Message:
Sent: Oct 11, 2022 09:57 AM
From: Ricky Gloden
Subject: restrictions on modules or profile only query Identity Governance

There are a few OOTB roles that can grant to specific users to give them extra access other than the default role that everyone gets by default.  The OOTB "Compliance officer Role" is an example.  I usually create a role called "Auditor" which gives access to the dashboard and reports menus, which are read-only by nature.  This custom role gives more access than the role everyone gets by default, but less access than the OOTB "Compliance Officer Role".

In the documentation, there is a chapter titled "Permissions" which covers this topic in detail.

------------------------------
[JobTitle]
[CompanyName]
[State]

Original Message:
Sent: Oct 10, 2022 10:54 AM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hello everyone, I am currently implementing identity governance and I want to know if it is possible to adjust user access to the governance interface, that is, restrict views, access to modules or be able to create query-only users. I would appreciate it very much since I do not understand much about this access issue in this application.

Are you able to instruct where the Eurekify.cfg file would be located? I searched for that file name and could not find it anywhere on the tools server; which is where it should be.

Thank you in advance

Original Message:
Sent: Oct 14, 2022 02:50 AM
From: Eduard Palomeras
Subject: restrictions on modules or profile only query Identity Governance

Hi Wilson,

Thus comes down to a special cfg configuration: Eurekify.cfg
You can read from the manual looking for this file, or in pages like techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-governance/14-4/configuring/permissions/resources-in-the-permissions-configuration.html

I hope it helps,
Original Message:
Sent: Oct 11, 2022 03:53 PM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hi Ricky,

As I explained in the last post, I don't know much, can you tell me if the configuration or creation of the role is directly in Governance or Identity Manager, can you refer to the document please.
Thanks for your help.
Original Message:
Sent: Oct 11, 2022 09:57 AM
From: Ricky Gloden
Subject: restrictions on modules or profile only query Identity Governance

There are a few OOTB roles that can grant to specific users to give them extra access other than the default role that everyone gets by default.  The OOTB "Compliance officer Role" is an example.  I usually create a role called "Auditor" which gives access to the dashboard and reports menus, which are read-only by nature.  This custom role gives more access than the role everyone gets by default, but less access than the OOTB "Compliance Officer Role".

In the documentation, there is a chapter titled "Permissions" which covers this topic in detail.

------------------------------
[JobTitle]
[CompanyName]
[State]

Original Message:
Sent: Oct 10, 2022 10:54 AM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hello everyone, I am currently implementing identity governance and I want to know if it is possible to adjust user access to the governance interface, that is, restrict views, access to modules or be able to create query-only users. I would appreciate it very much since I do not understand much about this access issue in this application.

I was looking to see if there was a folder path designated for the Eurekify.cfg. I know you will not be able to give me direct path as it depends where we installed files, but should maybe be in a particular folder structure. I searched our folders and was unable to find this file anywhere on the tool server we have Governance installed on.

Thank you in advance.
Original Message:
Sent: Oct 14, 2022 02:50 AM
From: Eduard Palomeras
Subject: restrictions on modules or profile only query Identity Governance

Hi Wilson,

Thus comes down to a special cfg configuration: Eurekify.cfg
You can read from the manual looking for this file, or in pages like techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-governance/14-4/configuring/permissions/resources-in-the-permissions-configuration.html

I hope it helps,
Original Message:
Sent: Oct 11, 2022 03:53 PM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hi Ricky,

As I explained in the last post, I don't know much, can you tell me if the configuration or creation of the role is directly in Governance or Identity Manager, can you refer to the document please.
Thanks for your help.
Original Message:
Sent: Oct 11, 2022 09:57 AM
From: Ricky Gloden
Subject: restrictions on modules or profile only query Identity Governance

There are a few OOTB roles that can grant to specific users to give them extra access other than the default role that everyone gets by default.  The OOTB "Compliance officer Role" is an example.  I usually create a role called "Auditor" which gives access to the dashboard and reports menus, which are read-only by nature.  This custom role gives more access than the role everyone gets by default, but less access than the OOTB "Compliance Officer Role".

In the documentation, there is a chapter titled "Permissions" which covers this topic in detail.

------------------------------
[JobTitle]
[CompanyName]
[State]

Original Message:
Sent: Oct 10, 2022 10:54 AM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hello everyone, I am currently implementing identity governance and I want to know if it is possible to adjust user access to the governance interface, that is, restrict views, access to modules or be able to create query-only users. I would appreciate it very much since I do not understand much about this access issue in this application.

Eurekify.cfg is not within any folder but on database. You will need to
use the client tool to connect to the DB to export the files or use the
entity browser within the portal to view it.

Regards,
Frank

On Mon, Oct 17, 2022 at 5:49 PM Christopher Barbour via Broadcom <
Mail@connectedcommunity.org> wrote:

> I was looking to see if there was a folder path designated for the
> Eurekify.cfg. I know you will not be able to give me direct path as it
> depends... -posted to the "Symantec IGA" community
> [image: Broadcom] <https: community.broadcom.com="">
> Symantec IGA
> <https: community.broadcom.com/enterprisesoftware/communities/community-home/digestviewer?communitykey="783a8a1e-bb2b-473a-a0c3-7be7b1d92c60">
> Post New Message
> <broadcom-layer7identitymanagement@connectedcommunity.org>
> Re: restrictions on modules or profile only query Identity Governance
> <https: community.broadcom.com/enterprisesoftware/discussion/restrictions-on-modules-or-profile-only-query-identity-governance#bmadc381b2-6dad-4b68-b972-06045cdf05b4="">
> Reply to Group
> <broadcom_layer7identitymanagement_adc381b2-6dad-4b68-b972-06045cdf05b4@connectedcommunity.org?subject=re:+restrictions+on+modules+or+profile+only+query+identity+governance> Reply
> to Sender
> <https: community.broadcom.com/enterprisesoftware/communities/all-discussions/postreply?messagekey="adc381b2-6dad-4b68-b972-06045cdf05b4&ListKey=55a9ce74-6849-40d1-9be3-f37db03801e8&SenderKey=603084e1-5a94-47dd-a804-642dfa40bf4e">
> [image: Christopher Barbour]
> <https: community.broadcom.com/network/members/profile?userkey="603084e1-5a94-47dd-a804-642dfa40bf4e">
> Oct 17, 2022 5:49 PM
> Christopher Barbour
> <https: community.broadcom.com/network/members/profile?userkey="603084e1-5a94-47dd-a804-642dfa40bf4e">
> I was looking to see if there was a folder path designated for the
> Eurekify.cfg. I know you will not be able to give me direct path as it
> depends where we installed files, but should maybe be in a particular
> folder structure. I searched our folders and was unable to find this file
> anywhere on the tool server we have Governance installed on.
>
> Thank you in advance.
> *Reply to Group Online
> <https: community.broadcom.com/enterprisesoftware/communities/all-discussions/postreply?messagekey="adc381b2-6dad-4b68-b972-06045cdf05b4&ListKey=55a9ce74-6849-40d1-9be3-f37db03801e8">*
> *Reply to Group via Email
> <broadcom_layer7identitymanagement_adc381b2-6dad-4b68-b972-06045cdf05b4@connectedcommunity.org?subject=re:+restrictions+on+modules+or+profile+only+query+identity+governance>*
> *View Thread
> <https: community.broadcom.com/enterprisesoftware/discussion/restrictions-on-modules-or-profile-only-query-identity-governance#bmadc381b2-6dad-4b68-b972-06045cdf05b4="">*
> *Recommend
> <https: community.broadcom.com:443/enterprisesoftware/discussion/restrictions-on-modules-or-profile-only-query-identity-governance?messagekey="adc381b2-6dad-4b68-b972-06045cdf05b4&cmd=rate&cmdarg=add#bmadc381b2-6dad-4b68-b972-06045cdf05b4">*
> *Forward
> <https: community.broadcom.com/enterprisesoftware/communities/all-discussions/forwardmessages?messagekey="adc381b2-6dad-4b68-b972-06045cdf05b4&ListKey=55a9ce74-6849-40d1-9be3-f37db03801e8">*
> *Flag as Inappropriate
> <https: community.broadcom.com/enterprisesoftware/discussion/restrictions-on-modules-or-profile-only-query-identity-governance?markappropriate="adc381b2-6dad-4b68-b972-06045cdf05b4#bmadc381b2-6dad-4b68-b972-06045cdf05b4">*
>
> -------------------------------------------
> Original Message:
> Sent: Oct 14, 2022 02:50 AM
> From: Eduard Palomeras
> Subject: restrictions on modules or profile only query Identity Governance
>
> Hi Wilson,
>
> Thus comes down to a special cfg configuration: Eurekify.cfg
> You can read from the manual looking for this file, or in pages like
> techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-governance/14-4/configuring/permissions/resources-in-the-permissions-configuration.html
>
> I hope it helps,
> Original Message:
> Sent: Oct 11, 2022 03:53 PM
> From: Wilson Cardenas
> Subject: restrictions on modules or profile only query Identity Governance
>
> Hi Ricky,
>
> As I explained in the last post, I don't know much, can you tell me if the
> configuration or creation of the role is directly in Governance or Identity
> Manager, can you refer to the document please.
> Thanks for your help.
> Original Message:
> Sent: Oct 11, 2022 09:57 AM
> From: Ricky Gloden
> Subject: restrictions on modules or profile only query Identity Governance
>
> There are a few OOTB roles that can grant to specific users to give them
> extra access other than the default role that everyone gets by default.
> The OOTB "Compliance officer Role" is an example. I usually create a role
> called "Auditor" which gives access to the dashboard and reports menus,
> which are read-only by nature. This custom role gives more access than the
> role everyone gets by default, but less access than the OOTB "Compliance
> Officer Role".
>
> In the documentation, there is a chapter titled "Permissions" which covers
> this topic in detail.
>
> ------------------------------
> [JobTitle]
> [CompanyName]
> [State]
>
> Original Message:
> Sent: Oct 10, 2022 10:54 AM
> From: Wilson Cardenas
> Subject: restrictions on modules or profile only query Identity Governance
>
> Hello everyone, I am currently implementing identity governance and I want
> to know if it is possible to adjust user access to the governance
> interface, that is, restrict views, access to modules or be able to create
> query-only users. I would appreciate it very much since I do not understand
> much about this access issue in this application.
>
>
>
> You are subscribed to "Symantec IGA" as yuan-heng.lin@broadcom.com. To
> change your subscriptions, go to My Subscriptions
> <http: community.broadcom.com/preferences?section="Subscriptions">. To
> unsubscribe from this community discussion, go to Unsubscribe
> <http: community.broadcom.com/higherlogic/egroups/unsubscribe.aspx?userkey="5689bd0e-1cba-49fb-abc4-50c197f3e9b8&sKey=KeyRemoved&GroupKey=55a9ce74-6849-40d1-9be3-f37db03801e8">.
>
>
> Copyright © 2005-2022 Broadcom. All Rights Reserved. The term "Broadcom"
> refers to Broadcom Inc. and/or its subsidiaries.
>
> Hosted by Higher Logic, LLC on the behalf of Broadcom - Privacy Policy
> <https: www.broadcom.com/company/legal/privacy-policy=""> | Cookie Policy
> <https: www.higherlogic.com/legal/privacy=""> | Supply Chain Transparency
> <https: www.broadcom.com/company/citizenship/governance-and-ethics#supply="">
> | Terms of Use <http: termsandconditions="">
>


--
*Yuan-Heng (Frank) Lin*
Principal Support Engineer | Enterprise Software Division
Broadcom
Please visit our new training site https://imsacademy.broadcom.com for free
Identity Security product videos.

--
This electronic communication and the information and any files transmitted
with it, or attached to it, are confidential and are intended solely for
the use of the individual or entity to whom it is addressed and may contain
information that is confidential, legally privileged, protected by privacy
laws, or otherwise restricted from disclosure to anyone else. If you are
not the intended recipient or the person responsible for delivering the
e-mail to the intended recipient, you are hereby notified that any use,
copying, distributing, dissemination, forwarding, printing, or copying of
this e-mail is strictly prohibited. If you received this e-mail in error,
please return the e-mail to the sender, delete it from your computer, and
destroy any printed copy of it.


Original Message:
Sent: 10/17/2022 12:38:00 PM
From: Christopher Barbour
Subject: RE: restrictions on modules or profile only query Identity Governance

I was looking to see if there was a folder path designated for the Eurekify.cfg. I know you will not be able to give me direct path as it depends where we installed files, but should maybe be in a particular folder structure. I searched our folders and was unable to find this file anywhere on the tool server we have Governance installed on.

Thank you in advance.
Original Message:
Sent: Oct 14, 2022 02:50 AM
From: Eduard Palomeras
Subject: restrictions on modules or profile only query Identity Governance

Hi Wilson,

Thus comes down to a special cfg configuration: Eurekify.cfg
You can read from the manual looking for this file, or in pages like techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-governance/14-4/configuring/permissions/resources-in-the-permissions-configuration.html

I hope it helps,
Original Message:
Sent: Oct 11, 2022 03:53 PM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hi Ricky,

As I explained in the last post, I don't know much, can you tell me if the configuration or creation of the role is directly in Governance or Identity Manager, can you refer to the document please.
Thanks for your help.
Original Message:
Sent: Oct 11, 2022 09:57 AM
From: Ricky Gloden
Subject: restrictions on modules or profile only query Identity Governance

There are a few OOTB roles that can grant to specific users to give them extra access other than the default role that everyone gets by default.  The OOTB "Compliance officer Role" is an example.  I usually create a role called "Auditor" which gives access to the dashboard and reports menus, which are read-only by nature.  This custom role gives more access than the role everyone gets by default, but less access than the OOTB "Compliance Officer Role".

In the documentation, there is a chapter titled "Permissions" which covers this topic in detail.

------------------------------
[JobTitle]
[CompanyName]
[State]

Original Message:
Sent: Oct 10, 2022 10:54 AM
From: Wilson Cardenas
Subject: restrictions on modules or profile only query Identity Governance

Hello everyone, I am currently implementing identity governance and I want to know if it is possible to adjust user access to the governance interface, that is, restrict views, access to modules or be able to create query-only users. I would appreciate it very much since I do not understand much about this access issue in this application.</http:></https:></https:></https:></http:></http:></https:></https:></https:></https:></broadcom_layer7identitymanagement_adc381b2-6dad-4b68-b972-06045cdf05b4@connectedcommunity.org?subject=re:+restrictions+on+modules+or+profile+only+query+identity+governance></https:></https:></https:></https:></broadcom_layer7identitymanagement_adc381b2-6dad-4b68-b972-06045cdf05b4@connectedcommunity.org?subject=re:+restrictions+on+modules+or+profile+only+query+identity+governance></https:></broadcom-layer7identitymanagement@connectedcommunity.org></https:></https:>