Users who should not have access are able to access files in protected folder

book

Article ID: 210441

calendar_today

Updated On:

Products

CA Privileged Identity Management Endpoint (PIM)

Issue/Introduction

After adding rules to stop all users from accessing a folder with a file rule we are still seeing all users have access.

editres FILE ('/apps/ta_uat_pri/uat1/stage/*') audit(ALL) defaccess(NONE) warning  owner('ownername')

 seaudit shows
 Mar 2021 18:55:39 W FILE         user1   Chdir     202  4 /apps/ta_uat_pri/uat1/stage/in/vbsbulked/post_ack /usr/bin/ksh         10.189.135.113 (OS user)        user1  

Cause

 seaudit table shows
error code is 202     Resource in WARNING mode

Environment

Release : 12.8

Component : CA ControlMinder

Resolution

The seaudit shows this error with a warning only.  This is the correct behavior for a warning

If you remove "warning"  from this rule then this user would have been denied

editres FILE ('/apps/ta_uat_pri/uat1/stage/*') audit(ALL) defaccess(NONE) warning  owner('ownername')