We have a requirement where a certain users repository is not accessible even to administrators. Since administrator are from different country and there is sensitive data available in the source tables.
Revoke access to all repositories from the Administrators group. You can then grant individual access at a repository level. Cf. for detailed instructions.
Dirk, I looked at your approach little closer. And got a question could an admin not simply be able to grant themselves again the ability to access the repo?
As I said the administrators are from other country and we want certain local repositories to be lock down to them.
How about locking down at database level with windows auth? An administrators can still access the CMC and Designer, however they will never be able to actually log into local repo because they will not have the Windows Authentication.
After login to the IPS, you can select any repository you are granted access to. The credentials arre picked up from the CMS database. As an extra security feature you may be requested to enter the database password. But again, as an Administrator you can disable that feature.
Have you considered auditing? Then you cannot prevent unwanted access, but you can monitor it. And take necessary actions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.