RVY200653: How to create Upload User with least privilege

 

This document describes how to create a least privilege user able to upload Inventory data files to RayVentory Server. 

 

1

Login on to the RayVentory Server. Open “Computer Management” console with administrative permission and select view “Local Users and Groups”. 

2 

Add a new local user, e.g. “RayVentoryUploader” and select "User cannot change password" and "Password never expires". 

mceclip0.png

 

3 

Remove the new upload user from the normal "Users" group. 
This blocks standard login and direct access to Server applications and resources. 

blobid1.jpg

 

Set User permission for IIS Site

1

Open “IIS Server Manager” and select "ManageSoftRL" folder (Upload location).

 

mceclip2.png



2

Select “Authentication” icon …

mceclip3.png

and verify that "Basic Authentication" is “enabled” or enable it:

mceclip4.png

 

3

Expand the “ManageSoftRL” directory on the left navigation bar and mark sub-folder “Incoming”

 

Hint: The IIS folder “ManageSoftRL” is the name of a virtual web folder, pointing to a folder within the file system.

 

4

Right click on sub-folder “Incoming” and select “Edit permissions”

5

Select the “Security” tab within the “Edit permissions” dialog, which now shows the folder path from file system perspective, e.g. “E:\RayVentory\Incoming”.

 

mceclip5.png

 

Hint: If using RayManageSoft (RMSi), the “Incoming” folder is located in the “Warehouse Directory”.
In addition, RMSi uses also a shared folder “ManageSoftRL$” (network share), pointing to the same file system path.

 

6

Select “Edit” permissions and “Add” the new User account (e.g. “RayVentoryUploader”) to the list of Group or user names.

Grant "read" and "write" permissions for the ManageSoftRL directory (Incoming folder).

 

mceclip6.png

 

Save your changes and test inventory uploads by using the different upload methods explained below.

 

 

Upload Inventory with Upload-User credentials

 

The following KB articles describe how to add the Upload-User account to the RayVentory components:

Further information about running Inventory task refer to the User Manual provided along with the Setup or use the following FTP-Download:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Comments

Powered by Zendesk