Deployment Guide
Configuration Guide 29
7
Assign Forensic Administrator Role
By default, Forensic Authorization is enabled on back-end servers and disabled on front-end servers. These settings are
placed appropriately upon installation for both the Device Server and Security Server.
Remote Management Console Instructions
1
If needed, log on to the Remote Management Console.
2
In the left pane, click
Manage
>
Users
.
3
On the
Search Users
page, enter the name of the user you wish to give the Forensic Administrator role, and click
Search
(this user’s credentials are provided during execution of the CMGAd, CMGAu, CMGAlu utilities, and Decryption Agent
in Forensic mode).
4
On the
User Search Results
page, click the
Detail
icon.
5
On the
User Detail for: <Username>
page, select
Admin
.
6
In the User column, check
Forensic Administrator
, and click
Update
.
The Forensic Administrator role is now set.
Disable Forensic Authorization
1
On your back-end server, navigate to <Security Server install dir>\webapps\xapi\WEB-INF\context.properties and
change the following property:
service.forensic.enable=true
to
service.forensic.enable=false.
2
Restart the Security Server service.
3
Navigate to <Device Server install dir>\webapps\ROOT\WEB-INF\web.xml and set the forensic parameter:
<init-param>
<param-name>forensic</param-name>
<param-value>
@FORENSIC_DISABLE@
</param-value>
</init-param>
4
Restart the Device Server service.
5
As a best practice, remove the Forensic Administrator role from any user not actively using the role permissions.