- Create an AD-based group and add the computer accounts where Agents are configured for Isilon auditing
- Reboot the Agent server for the group membership to take effect
- Add the group for read access to the IFS share via EMC OneFS website
- Ensure the computer accounts also have read access (directly or indirectly) to the files/folders being audited
*Note: Adding the computer objects via AD group is the easiest method to control access. Also, the OneFS web page does not allow search/addition of computer accounts so cannot add them individually. Individual computer accounts CAN be added via ISI command line on the Isilon itself.
Example:
isi smb shares permission create ifs --sid COMPUTER_ACCOUNT_SID --permission-type allow --permission read