Creating a Secure Flat File Data Directory on Windows - trillium_discovery - trillium_quality - 17.1

Trillium DQ Installation Guide

Product type
Software
Portfolio
Verify
Product family
Trillium
Product
Trillium > Trillium Discovery
Trillium > Trillium Quality
Version
17.1
Language
English
Product name
Trillium Quality and Discovery
Title
Trillium DQ Installation Guide
First publish date
2008
Last updated
2024-10-19
Published on
2024-10-19T09:58:08.471711

To create a secure area for flat file data sources, you need to:

  • Create a Windows group for each secure area.

  • Create at least one Windows user ID for each Windows group that you created and add the user(s) to the appropriate group.

  • Create a directory for each group.

  • Edit the properties on each directory that you created and grant full access to the group that corresponds to the directory.

A user group is only required if you plan to access data from flat file data sources requiring secure directory locations. The following example demonstrates how this can is useful.

Example

Assume that you have two teams—Accounting and Human Resources—that will create entities based on flat file data sources.

If you do not want the Accounting team to have access to the data from Human Resources, you would:

  • Create two Windows groups—one for Accounting and one for Human Resources.
  • Create at least one Windows user ID for each group that you created and add the user(s) to the appropriate group.
  • Create two separate directories—one for the Accounting team (C:\accounting) and one for the Human Resources team (C:\HR).
  • Edit the properties on each directory that you created and grant full access to the group that corresponds to the directory.

To add a Windows user group for each secure location

  1. Before you begin, as the Windows Administrator, create a user group on the Trillium repository server to contain Windows user IDs that can access a secure area.

    There are no naming restrictions for group names, but it is recommended that you name them something meaningful.

  2. Open the Control Panel.

  3. Click Administrative Tools > Local Security Policy.

  4. In the Local Security Policy window, expand Local Policies.

  5. Click User Rights Assignment > Log on as a batch job.

  6. Add the user group you created in step 1.

Note: Ensure that the Group Policy item “Remove Run option from Start Menu” is not applied to the new secure Windows group. This setting is located in Local Computer Policy\zxcvbnmser Configuration\ Administrative Templates\Start Menu & Taskbar.