Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Participant

Identity Awareness Access Role Objects

Jump to solution

Hello, 

With regards to creating Identity Awareness Access Role Objects, if two or more objects are added i.e. a network and an AD user group, do only one or both attributes have to match for the user to be granted access?

 

From R80.10 administration documentation:

In Smart Console, you can create Access Role objects to define users, computers and network locations as one object.

You can use Access Role objects as a source or a destination parameter in a rule.

Access Role objects can include one or more of these objects:

  • Networks
  • Users and user groups
  • Computers and computer groups
  • Remote Access Clients

 

Regards,

Simon

0 Kudos
1 Solution

Accepted Solutions
Highlighted
Admin
Admin
One of each attribute specified has to match to be considered part of the access role.
So, for instance, if you specify a network and a user group, it has to be someone in that user group on the specified network.

View solution in original post

1 Reply
Highlighted
Admin
Admin
One of each attribute specified has to match to be considered part of the access role.
So, for instance, if you specify a network and a user group, it has to be someone in that user group on the specified network.

View solution in original post