Skip to main content

Assign a Proxy User Group to an Access Policy

Prerequisites

  • Ensure the Proxy User Group you wish to use in this Guide has already been created, either by:
    • Designating a Directory User Group as a Proxy User Group, or
    • Creating a standalone Proxy User Group
  • Ensure the users have been assigned to the group:
    • Directory Group Proxy User Group: The users have been assigned to the desired Active Directory or LDAP Server groups on the respective server, and DrawBridge has synchronized that information over.
    • Proxy User Groups (standalone): The People records have been created in the DrawBridge and assigned to the desired Proxy User Group

Concept Overview

drawbridge-groups.drawio.png

1. Create a Device Group

  • Navigate to Devices / Device Groups
  • In this example, there are no prexisting Device Groups: empty-device-groups-list.png
  • Click the + button in the upper right of the list shown above, and a popup will appear for you to Create a new Device Group. Specify a Name for the Device Group (the other defaults shown are fine). Then Save. create-device-group--name.png
  • Now we have our new Device Group, named "warehouse". Note that there are 0 Devices and 0 Groups assigned: warehouse-device-group-no-groups.png

2. Assign the Proxy User Group to the Device Group

  • Click the Add Console Group button under the Groups tab to assign the Proxy User Group created earlier to this Device Group: add-console-group-to-device-group.png
  • Now we have the warehouse Proxy User Group assigned to the warehouse Device Group: warehouse-device-group-with-console-proxy-user-group.png

3. Create an Access Policy; associate the Device Group

  • Navigate to Accounts / Companies

  • Click the Access Polices: Access Policy Dashboard on your Company record page: company-record-access-policy-dashboard-button.png

  • Click the + button at the top of the Access Policies list to create a new Access Policy: add-access-policy-button.png

  • Give the Policy a name; in this case, I'm matching the name I gave to the Device Group: warehouse. The other settings here can be left on the default selections. create-access-policy--name.png

  • Assign any Policy associations or permissions. If you don't wish to set any of these parameters, continue to Devices, below. create-access-policy--policy-permissions.png

  • Assign the warehouse Device Group created above on this page. create-access-policy--devices.png

  • Assign either a pre-existing Action Group, or automatically create a new one by picking a Category and desired Action for that category that will be assigned to this Device Group.

    The Autofix Mode settings can be left on the defaults unless you prefer them otherwise. create-access-policy--actions.png

  • Assign any Times you wish this policy to apply. If nothing is selected, the policy will apply all the time. create-access-policy--times.png

  • Assign any App associations (advanced functionality). Generally this is left unspecified (applies to all apps). create-access-policy--apps.png

  • Save the new Access Policy: create-access-policy--save.png

  • Now you have your finished Access Policy that applies to the warehouse Device Group, which has the warehouse Proxy Group users as members.

    Note that though it is showing no Devices, the policy is still applying to the Users associated with the selected Device Group. finished-access-policy--no-devices.png

  • To change the filter policy actions, click the Categories tab and use the Add Category Action Pair or Bulk Assign Categories to modify the filter policy as desired. access-polic--categories-tab.png

  • When finished, apply your changes by clicking on the Reload prompt: reload-redwood.png And confirm: confirm-redwood-reload.png

Back to top