This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Simon_Macpherso
Collaborator
‎2019-11-11 04:43 PM

Identity Awareness Access Role Objects

Jump to solution

Hello, 

With regards to creating Identity Awareness Access Role Objects, if two or more objects are added i.e. a network and an AD user group, do only one or both attributes have to match for the user to be granted access?

 

From R80.10 administration documentation:

In Smart Console, you can create Access Role objects to define users, computers and network locations as one object.

You can use Access Role objects as a source or a destination parameter in a rule.

Access Role objects can include one or more of these objects:

  • Networks
  • Users and user groups
  • Computers and computer groups
  • Remote Access Clients

 

Regards,

Simon

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2019-11-12 06:53 AM

Jump to solution
One of each attribute specified has to match to be considered part of the access role.
So, for instance, if you specify a network and a user group, it has to be someone in that user group on the specified network.

View solution in original post

1 Reply
PhoneBoy
Admin
Admin
‎2019-11-12 06:53 AM

Jump to solution
One of each attribute specified has to match to be considered part of the access role.
So, for instance, if you specify a network and a user group, it has to be someone in that user group on the specified network.