Imperva Cyber Community

communities_1.jpg
Β View Only

  • 1.  DAM Users & Permissions

    Posted 01-07-2026 01:35
    Edited by Larry Ho 01-07-2026 01:36

    Hi Community..

    I have a use case to create a role for a LDAP group of people who will only has access to the "Users & Permissions" tab in the DAM MX GUI.

    Here is what I had done:

    • Create a Role in Admin --> Users & Permission
    • Assign all permissions in the Permissions tab
    • Checked "Users & Permissions" in Navigation tab
    • In Global Settings, checked "The user is authorized to perform Activate Settings unconditionally."
    • Create External Role and assign the above Role to the LDAP group
    • Logged in using an account from this LDAP group

    However I am unable to create users. Am i missing any steps?


    #DatabaseActivityMonitoring

    ------------------------------
    Larry Ho
    Presales
    M.Tech Products Pte Ltd
    Singapore
    ------------------------------



  • 2.  RE: DAM Users & Permissions

    Posted 01-07-2026 04:04

    Hi Larry Ho,

    Once external roles have been created, external system users that were not defined as SecureSphere users can login to SecureSphere. In that case all the Active Directory users that are members of Active Directory group for which you define external roles can login into SecureSphere.

    When such an Active Directory user attempts to login, SecureSphere connects to Active Directory and searches for that user. If this user is authenticated in Active Directory and there is an external role in SecureSphere for that Active Directory user group, then this user is successfully logged into SecureSphere with the Active Directory user name and is added as an External User. This user receives all the permissions granted to all matching external roles. This configuration is consistent throughout the Active Directory - SecureSphere session.

    To troubleshoot the current access issues, could you please confirm that the following items are configured in your Imperva DAM environment:

    1. LDAP Configuration Verification

    In the Admin workspace, navigate to System Definitions > Authentication & Authorization Configuration and verify:

    • The User Authentication method is set to include your external LDAP/AD system.
    • The specific LDAP server is correctly defined and the connection test is successful.

    1. Role Mapping
    • Ensure the assigned Role has the Manage Users permission enabled under the Permissions tab to allow the creation of new users.


    ------------------------------
    Regards,
    𝐌𝐒𝐭𝐞𝐬𝐑 𝐌𝐞𝐑𝐭𝐚
    Senior Security Consultant
    Mumbai
    ------------------------------



  • 3.  RE: DAM Users & Permissions

    Posted 01-07-2026 04:15

    Hi Mitesh,

    Yes, the LDAP integration is working and I am able to do the Test Connection.

    For the "Manage Users" permission, can you enlighten me where is it? Because I can only see these



    ------------------------------
    Larry Ho
    Presales
    M.Tech Products Pte Ltd
    Singapore
    ------------------------------

    Original Message


  • 4.  RE: DAM Users & Permissions

    Posted 01-07-2026 04:39

    Hi Larry Ho,

    To configure navigation permissions:

    1. In the Admin workspace, select Users and Permissions.
    2. In the Users & Roles pane, expand the Users category, then select the user or role to whom you want to assign navigation permissions. The users permissions of the selected user are displayed in the details pane. In the case of roles, only the Access column appears.
    3. Click the Navigation tab. The relevant GUI windows categories and screens, together with their options, appear.

    You can expand one or more categories to view the precise GUI windows of those categories.

    1. To enable or disable permissions for any category or GUI window, check the appropriate options.
    2. Click Save. Your settings are saved.



    ------------------------------
    Regards,
    𝐌𝐒𝐭𝐞𝐬𝐑 𝐌𝐞𝐑𝐭𝐚
    Senior Security Consultant
    Mumbai
    ------------------------------

    Original Message