SEP WTR enabled as access method into WSS
WSS managed using Management Center/UPE and not WSS Portal
WSS tenant Administrator observed huge number of policy denied events and the majority of it is from non-interactive-user.
Within UPE configuration, administrator only allows the traffic from domain users. Anything that is not a domain user will be denied by default - hence non-interactive-user is denied.
How does one can create a policy and allow the non-interactive user object in UPE?
Management center used to configure WSS
Users accessing WSS using SEP WTR clients
Can also apply to WSS agent clients
WSS policy rule only allowing access to objects for explicitly defined users and the non-interactive-user was not one of these allowed users.
Create a new 'non-interactive-user' within local authentication realm (IWA on-box) and create a corresponding rule to allow this user access to certain domains.
Here is how WSS Transformed the rule when completed:
define condition __USER1
user="non-interactive-user" ; Gestures transformed ; realm=NCNET ->
end condition __USER1