You can browse the Spectrumâ„¢ Technology Platform server's folders when performing
tasks that require them to select a file. For example, users can browse the server when
selecting an input or output file in a source or sink stage in Enterprise Designer.
As an administrator, you may want to restrict access so that sensitive portions of
the server cannot be browsed or modified.One way to prevent access to the server's
file system by making sure that users do not have the Platform security permission
Security - Directory Paths. This prevents access to all folders
on the server. You can also prevent access to some folders on the server while allowing
access to others. When you grant limited access, the folders you allow access to appear
as the top-level folders in users' file browse windows. For example, if you allow users
to only access a folder on the server named WestRegionCustomers, when users browse the
server they would only see that folder, as shown here:
There are two situations where users can view the server's entire file system
even if you have granted only limited access:
- When browsing for a database file while creating a Spectrum database in Management
Console
- When browsing for a JDBC driver file while creating a driver in Management
Console
To prevent users from browsing the server's entire file system, use roles to limit
the user's access to Spectrum databases and JDBC drivers.
To provide access to
some folders on the server while restricting access to others, follow this
procedure.
-
Open Management Console.
- Go to .
- Click Directory Access.
-
Set the Limit access to server directories switch to
On.
- Click the Add button .
-
In the Name field, give a meaningful name for the folder
to which you are granting access.
The name you provide here appears as the root name of the directory to users
when browsing the server. In the example shown at the beginning of this
topic, the name given to the accessible directory is WestRegionCustomers.
-
In the Path field, specify the folder to which you want
to grant access. Users will be able to access all file and subfolders contained
in the folder you specify.
- Click Save.
-
If you want to grant access to additional folders, repeat the previous steps as
needed.
Users now have access only to the folders you have specified. Note that users must
have the Platform security permission Security - Directory Paths
in order to access server directories.Note: If there are any dataflows that had
previously accessed files that are no longer available because of file browsing
restrictions, those dataflows will fail.