To enable permission remediation

1. From the Data Insight Management Console, click Settings > Permissions. The Remediation sub-tab opens by default.
2. Click Edit. The page expands to display the configuration for permission remediation.
3. Select Enable Permission Remediation.

To configure remediation for raising a ticket

1. From the Data Insight Management Console, click Settings > Permissions. The Remediation sub-tab opens by default.
2. Click Edit. The page expands to display the configuration for permission remediation.

   Select Enable Permission Remediation if it is not already enabled.

3. Select Raise a ticket. The panel expands to display the configuration details.
4. Select either of the two options:

   • Send email - Select to configure settings for an email-based ticketing system.

   • Use custom action - Select to configure settings for a non-email based ticketing system.

5. If you selected the Send email option, provide the relevant information in the email template:

   • The email ID of the sender

   • The email IDs of the recipients

   • The email IDs of other recipients

   • The subject line

   • The header line showing priority and the queue status. The headers can be set to have custom information sent to the ticketing/request systems. For example, you can set priority=high, assign_to=permission_queue etc.

   • The body of the email. You can use the default variables to enter relevant text. The variables are evaluated during run-time and are replaced by their corresponding values. Currently Data Insight provides the following dynamic variables:

     • Recomendation_text

       The value of this variable is the recommendations generated by Data Insight.

       For information about reviewing permission recommendations, see the Symantec Data Insight User's Guide.

     • Requester_name

       The value of this variable is the user who accepted the Data Insight recommended changes.

     • Action_id

       Data Insight generates the value of this variable. It is a unique identifier for the operation.

     • Todays_date

       The value of this variable is the system date.

6. If you selected Use custom action, do the following:

   • Create a custom script by following the guidelines documented in the Symantec Data Insight Programmer's Reference Guide.

   • Save the script at the location: $datadir\conf\workflow\steps\permission_remediation\ticketing.

7. In the Enter the command to be executed field, provide the file name of the saved script.
8. Select the relevant saved credential if your system needs to run the script using the specified credentials. The script runs with the Local System account credentials, however network calls made by the script will impersonate the specified user credential.
9. Click Save.

To configure the process of applying recommendations

1. Write the relevant scripts to handle changes to the following:

   • The Active Directory.

   • CIFS permissions.

   For more information about the custom scripts refer to the Symantec Data Insight Programmer's Reference Guide.

2. Save the scripts in the following locations:

   • For changes to Active Directory - $DATADIR\conf\workflow\steps\permission_remediation\AD

   • For changes to CIFS permissions - $DATADIR\conf\workflow\steps\permission_remediation\CIFS

3. From the Data Insight Management Console, click Settings > Permissions. The Remediation sub-tab opens by default.
4. Click Edit. The page expands to display the configuration for permission remediation.
5. Select Enable Permission Remediation if it is not already enabled.
6. Select Remediate using custom scripts. The panel expands to show you the configuration details.
7. In the Enter the command to be executed field, specify the file name of the custom script(s) that you have created in step 1
8. Click Save.

   The saved scripts are used to handle the permission remediation actions after you accept the permissions recommendations displayed on the Workspace tab.