Endpoint User Group functionality and computer accounts
Article ID: 160150
Updated On:
Products
Data Loss Prevention Endpoint Prevent
Issue/Introduction
You are configuring Endpoint User Groups to work with the DLP Endpoint Agent, and you need to know whether you can use groups that contain Active Directory computer accounts.
Resolution
The DLP Endpoint Agent only evaluates groups that contain the user account that is currently logged on. It does not perform a search for the Active Directory computer account of the machine where the agent is installed, or match against groups that contain computer accounts.
You should make sure that when configuring endpoint user groups, you select a Base DN and group objects that contain the user accounts of the endpoint users you wish to search for.
Feedback
Yes
No
Powered by
