Checking security policy integrity includes user auditing correctness check, backup storage and security policy restoring.
To check security policy integrity, use the Tools navigation panel section.
NOTE. When roles of information security administrator and application administrator are separated, the Service section is available only for information security administrator.
The Service section:
To check the p4audit service user that is required to perform a correct user audit, user locking mechanism check is used. The p4audit service user is created in security manager or in repository manager. In case of incorrect creation of the p4audit user, schema reinstallation or malicious actions, the security system might function with errors.
To check user locking mechanism on administrator login in security manager, select the Check at Login checkbox. In case errors are found, an appropriate message is displayed. Checkbox status remains the same for the current OS user.
NOTE. Checking user locking mechanism is available only in the desktop application. The check of user locking mechanism at system login increases wait time of Foresight Analytics Platform start.
To check user locking mechanism now, click the Check Now button. A message containing information about the check appears upon completion.
To save security policy, audit settings, group and user information, object access permissions, backup and restore security policy is used. Operations on copying and restoring security policy are saved to the log.
To save a backup, click the Create Backup Copy button. A standard dialog box opens where you need to specify file name and save path. By default file name is created automatically as: scheme name [date in format selected at the client workstation]. A backup file is saved with the *.pppolicy extension.
Click the Restore Backup Copy button to restore security policy settings from backup. A standard dialog box of file selection opens. Specify location for the security policy file (*.pppolicy).
NOTE. Backup and restoring security policy is executed within one repository without possibility to create it in another repository. Security policy is restored, if the current version and restored version do not match.
Users and groups of users are restored when the security policy settings are restored. If the restored copy includes a user or a group that is missing in the current version of the security policy, the following dialog box opens:
Select the Restore option, after click the Continue button. Upon restoring the user or the group the system requests password of the system administrator or database server administrator.
Select the Do Not Restore option and click the Continue button. The user or the group will not be restored.
Select the Apply in All Similar Cases checkbox. The selected action will be executed for all added users or groups without additional confirmation. The checkbox is deselected by default.
After restoring information security policy the system requests to update user list. User update is required to ensure correct performance in the future. If the answer is positive, user update is started. After the process is completed a message appears informing that security policy is restored:
Click the Results button to show or hide detailed results of operations executed with users:
Click the Copy to Clipboard button to copy information from the table to clipboard.
See also:
Controlling Foresight Analytics Platform and Metadata Integrity | Checking Repository Metadata Integrity