This feature enables supervisors to implement access policy for files uploaded using MetaDefender Vault.
Enabling supervisor approval feature
In order to enable Supervisor Approval feature please go to Supervisor Approval →Global Settings. Note that guest can't be set as a supervisor
Set Supervisor stage approval process to:
One stage → One supervisor must approve uploaded files
Two stages → Two different supervisors must approve uploaded files (has been chosen from global setting), to turn this setting on, there is at least 2 supervisors prior from global configuration
Skipping supervisor approval process is possible for the following cases:
Never: default process, every file needs supervisor approval before being available for download
When sanitized: files that are sanitized will be automatically approved (do not require supervisor approval)
After time span: f iles will be automatically approved after the specified period of time elapses
A user with the supervisor role can approve or revoke approval for files. Initially, the local administrator account is a global supervisor so he can approve or deny approval for all the files.
You can configure other supervisors by going to Supervisor Approval → Setup Supervisor page.
From the global configuration menu you can select global supervisors. These users can supervise files for all the other users in the system.
Add or edit supervisors for each Organizational Unit
If you wish to configure one or more supervisors for each Organizational Unit you can do so by clicking Add / Edit when hovering over an Organizational Unit.
Each supervisor can only approve or reject files of his supervised users (in the same organizational unit). An organizational unit can have any number of supervisors, including none.
Learn how to include or exclude an organizational unit by going to User Filtering Configuration.
Assign supervisors dynamically by using an Active Directory filter
For both global supervisor and Organizational Unit supervisors you can choose to select supervisor by specifying an Active Directory filter. This way, users are promoted to supervisors whenever they match the specified filter.
Please note that for global configuration, the filter applies to all your Active Directories (if you have configured more than one).
Pending Approval Page
This page allows supervisors to manage files uploaded by the supervised users.
On the last column the following options are available:
Approve file: make the file available for download
Revoke approval: deny access to download the file
Retry processing (only visible in case of failures)
Approve or revoke multiple files at once
Supervisors can also approve or revoke multiple files at the same time, and not individually.
By selecting multiple files, the following actions will become available:
Download as archive
Two stage supervisor approval process
An uploaded file must be approved by two supervisors to be Available.
When a file is being Revoked by first or second supervisor the approval process will be restarted from scratch and two supervisors must approve the file again in order to be Available. If the file is being approved twice by the same supervisor, it won't be available. In order to be available two different supervisors must approve the file.
You can use this page to check files that have been previously approved or denied approval.
If you wish to change your decision you can do so by using the actions menu when choosing files.