Example task for seal
Scenario:
In the folder domain passwords access data for different domains are managed. Since this data is extremely sensitive it is protected with seals. After a seal has been broken it is urgently necessary that another authorized colleague can also access the dataset. If it should have been forgotten to reseal a password it can only be seen by the persoln that has broken the seal. For this reason it should be checked ever 5 minutes if there are any unsealed passwords or datasets with broken seals in the aforesaid folder. In order to avoid that a password is resealed before the colleague could open the password after the the break of seal, it should be configured that only after a seal has been broken for at least 20 minutes it is resealed. Since two of the datasets were not protected with the seal template, but with an own seal, broken seals should as well not be sealed with a template but with the current seal. The configuration of the task should only be carried out by the CEO Mr. Anderson.
Precondition:
At the server the task system has to be configured and activated.
Configuration:
The task system is opened via edit -> manage system tasks. With a click on add task the context menu is opened in which seal is selected then. In the following menu the name of the task as well as a description is stated. The time of the next run is deliberately not changed. So the task is directly carried out once after the completion.
Under the tab interval it is defined that the run should happen every 5 minutes:
The options of the seals are set under the tab settings. First of all the reason for the seal is entered. Afterwards the seal template is selected. In the menu item on broken seal it is defined that broken seals can be resealed with the current seal. At reseal broken seals after the required 20 minutes are set:
With a click on folder filter the accordant folder is selected:
In order to conclude you have to switch to the tab rights, where first of all the user Anderson is added and afterwards the administrator as well as the administrator group is deleted:
After all settings have been saved the new task will be shown together with the task from the Example task for SMTP mail (expiring passwords):
In the future it will be checked every 5 minutes if one of the domain passwords has to be sealed. If one of the passwords should not have a seal yet it will be sealed with the seal template. If the seal of a password is broken it is checked first of all if the seal has been broken for 2o minutes or longer. In this case the dataset will be immediately resealed with the current seal. If the seal is not broken for 20 minutes yet the password is not resealed, however, it will be checked again in the next run.