How does Data Governance Edition acquire access data?
How does the audit of file share access rights work if AD does not contain such information and GPO policies do not regulate this?
How does D1IM register the fact of accessing shared folder by particular user?
The audit of access rights is obtained differently depending on the operating system of the managed host. The security information of resources on a managed host is collected from that managed host itself in any case (with remote agents, the managed host is still queried for the information). Active Directory synchronization within D1IM stores a list of group memberships which is referenced when the security lists are built. They do not pull directly from AD for enumeration when security of a resource is queried.
This is also dependent on the Managed Host’s operating system. For example, for Windows there is a local driver installed during agent installation that intercepts calls to the operating system to identify activity on the host; NetAPP and EMC require no such local driver, and instead the native APIs are used.