With GAT Flow, Admins can select one or multiple users of the domain and remove the shares of all the files owned by those selected users.
GAT Flow is a user management tool. It allows the Admins to onboard, offboard, and modify existing users. This can be done manually or via automated workflows. There are multiple different actions that can also be taken.
Remove shares from owned files #
A user can own millions of files in their domain, this action allows to remove all the shares of those (million) files and make them private.
This action will unshare all files that are owned by the affected user.
Navigate to Flow > Create workflow (1) > Workflow type (2)
Note: This can be done with Event or Recurring workflows too.
Fill in the details (3) for the workflow.
- Name – enter workflow name
- Description – enter workflow description (optional)
- Type – select type of workflow
- Modify – modify current users
- Offboard – offboard and delete user accounts
- Conditional flow – select to use Conditional workflows (optional)
- Run immediately after approval – unselect it if you would like to schedule the action for later (optional)
- Next (5) – Click to proceed
In the next stage Search for users (1) – select the users you need
- Search for a user – pick users individually
- Search for a group – pick a group of users
- Search for an OU – pick an org. unit of users
Then click Proceed to actions
In the next Choose actions step, pick the actions to be taken.
Click on the + button (2) to add an Action (or ++ button to add via Action sets).
A pop-up window will be displayed, search and select Unshare-owned files (3)
Then select Scopes (4)- to choose which scopes you want to remove from the files the user owns
- Viewer – Viewer permission on the owned files
- Commenter – Commenter permission on the owned files
- Editor – Editor permissions on the owned files
- Send approval request (5) – click on when the action and scopes are selected
Security officer approval #
When the request is sent, the Security officer will receive an email for the approval required.
When the request is approved the workflow will be set to run.
When the workflow has run, the Admin can see the result on the Workflow (1) page.
As result, all the files owned by the chosen users will become private and not shared with anyone, as they were “unshared“.
After a new scan in GAT+, you can see that the files owned by the users are private and not shared.
Admin Log result #
Admin can also see the result in the Admin log of all the changes that happen.
Navigate to GAT+ > Configuration (1) > Admin Log (2) > Action (Permission change).
Click on the Additional information > Eye icon (3) to see more details.
The changes can be also reverted. To do that, click on Revert changes.