Chat now with support
Chat with Support

Identity Manager Data Governance Edition 8.1.1 - IT Shop Resource Access Requests User Guide

Introduction Resource access requests Share creation requests Appendix: PowerShell commands

Introduction

Governing unstructured data allows you to manage data access, preserve data integrity, and provide content owners with the tools and workflows required to manage their own data.

By publishing a resource to the IT Shop, the resource is placed under governance and is then available for users to request access to it. You can publish and request access to NTFS shares, files and folders, and SharePoint objects from the site level and below. Beginning with Data Governance Edition version 7.0.1, you can request to have a file system share created that can then be made available to others through the IT Shop.

Table 1: Who uses the IT Shop for self-service resource access requests
User Tasks
Data Governance Administrator

Data Governance Administrators must be assigned to the Data Governance | Administrators application role. They must also be assigned to the Request & Fulfillment | IT Shop | Product Owners application role or an application role under the Product Owners role to approve IT Shop requests.

The Data Governance Administrator uses the Manager to ensure self-service resource access requests are available in the IT Shop. For more details on setting up the IT Shop, see Setting up resource access requests and Setting up share creation requests.

The Data Governance Administrator uses the web portal to perform the following tasks after a file share creation request is submitted:

  • Select the server for creating the file system share.
  • Define the groups created to access the file system share.
  • Approve or deny requests for creating file system shares.
  • Review approvals made in the past.

For more information, see Approving share creation requests.

Employee/end-user

The Resource Access shelf is available through the Identity & Access Lifecycle shop, which is included by default with the One Identity Manager installation. All active employees are automatically members of this shop and can therefore make requests.

End-users or resource consumers use the web portal to perform the following tasks:

  • Make IT Shop requests to gain access to resources or create file system shares.
  • Track the status of requests and answer inquires about requests.
  • Renew a request that is about to expire.

For more details on making resource access requests, see Requesting access to a governed resource and Requesting the creation of a file system share.

Business owner

Business owners must be assigned to the Data Governance | Direct Owners application role, which is automatically assigned when ownership is set. They must also be assigned to the Request & Fulfillment | IT Shop | Product Owners application role or an application role under the Product Owners role to approve IT Shop requests.

The business owner of a resource uses the web portal to perform the following tasks:

  • Approve or deny requests for resource access.
  • Request access on behalf of others, such as new employees.
  • Review approvals made in the past.

For more information, see Approving resource access requests.

Business owners who have both the Data Governance | Administrators and Data Governance | Direct Owners application roles assigned, can also use the web portal to define who can see and access owned resources. For more information, see Restricting access to self-service resource access requests.

Employee manager

Employee managers must be assigned to the Request & Fulfillment | IT Shop | Product Owners application role or an application role under the Product Owners role to approve IT Shop requests.

An employee's manager uses the web portal to perform the following tasks after a file system share creation request is submitted:

  • Approve or deny requests for creating file system shares.
  • Review approvals made in the past.

For more information, see Approving share creation requests.

About this guide

The One Identity Manager Data Governance Edition IT Shop Resource Access Requests User Guide is intended for employees interested in learning more about the IT Shop resource access and share creation request process. For Data Governance Administrators, it provides the setup instructions required to make self-service requests available to employees in the IT Shop. For employees, it explains how to initiate a request through the IT Shop and the approval processes used for each type of request. For business owners, group owners and managers, it explains how to approve or deny a request. For Data Governance Administrators, it explains how to select the server to host the new file system share and define the groups that will have permissions to the new file system share. It also provides troubleshooting tips and customization instructions for administrators who are interested in modifying the default configuration and processes used.

For more information on how to use the web portal or set up the IT Shop for governed data, see the following documents:

  • One Identity Manager Web Portal User Guide
  • One Identity Manager IT Shop Administration Guide
  • One Identity Manager Data Governance Edition User Guide

Note: This document does not cover all types of product requests that can be made through the web portal. It covers resource access requests for resources placed under governance and file system share creation requests. See the documents listed above for more information about the other features available through the One Identity Manager web portal and IT Shop.

Resource access requests

Using the web portal IT Shop, employees can request access to resources that are governed and published to the IT Shop. When a resource access self-service request is successfully processed and approved, the employee is added to the specified group and access is granted through this group membership.

For more details on setting up the IT Shop, requesting and approving resource access requests, troubleshooting issues, or customizing the default process, see:

Setting up resource access requests

As the Data Governance Administrator, use the Manager to perform the following tasks to enable self-service resource access requests within the One Identity Manager IT Shop:

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents