locked
Privileged Endpoint Policy configuration RRS feed

  • Question

  • Hi,

    I would like to map a particular "IAG portal logged on user" (not the WindowsLoggedOn User) as a Privileged Endpoint.

    How can I for instance make a user who is member of Active Directory security user group "GROUP-A", to be a Privileged Endpoint?

    Marten
    Monday, January 25, 2010 8:58 AM

Answers

  • Marten—


    Privileged users are based on their endpoint information (computer) and not who logged in.   Out-of-box the answer is no, however you could create a custom endpoint policy to make that work.

    You would need to use WMI or something else to see who is logged on.  Create in the IAG advance script editor a list of known users.   Not the cleanest but it would work.

    Thanks

    Dennis

     

    • Marked as answer by Erez Benari Thursday, January 28, 2010 9:44 PM
    Wednesday, January 27, 2010 7:46 PM

All replies

  • Dear Marten

    Can you tell what your goal is with this action

    Martijn B.
    Wednesday, January 27, 2010 6:16 PM
  • Marten—


    Privileged users are based on their endpoint information (computer) and not who logged in.   Out-of-box the answer is no, however you could create a custom endpoint policy to make that work.

    You would need to use WMI or something else to see who is logged on.  Create in the IAG advance script editor a list of known users.   Not the cleanest but it would work.

    Thanks

    Dennis

     

    • Marked as answer by Erez Benari Thursday, January 28, 2010 9:44 PM
    Wednesday, January 27, 2010 7:46 PM
  • Hi Martijn,
     I would like to raise the "Session timeout" value for a particular set of users (read AD security group). So my plan was to give Privileged Endpoints a higher timeout value.
    That´s why I would like to map a AD security group to be a Privileged Endpoint.

    Marten

    Friday, January 29, 2010 1:09 PM