Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Host Checker status role mapping

gowri_
New Contributor
‎09-16-2010 02:43:PM
‎09-16-2010 02:43:PM

Host Checker status role mapping

Hi,

Need guidance in configuring the SA6500 host checker to meet the following requirement.

we have two kinds of users employee and contractors for them the roles are mapped with active directory and resources assigned to the roles.

We want implement host checker, for employees AV,patches matches he will get mapped to the respective active directory mapped role, if host checker fails map to a generic role with limited access.

similarly for the contractors. I have implemented custom expression and map to particular local role, how do i choose the active directory mapped role.

pls provide your advice

Thanks

gowri

0 Kudos
3 REPLIES 3
srigelsford_
Contributor
‎09-17-2010 12:27:AM
‎09-17-2010 12:27:AM

Re: Host Checker status role mapping

Hi Gowri,

If I understand right, you will end up with four roles:

-Employee full access

- Employee restricted access

-Contractor full access

-Contractor restricted access.

To achieve this, in your realm, map contractors to both contractor roles, and employees to both employee roles, then on the two full access roles add the restriction that host checker is required.

If they pass hostchecker they will get both restricted and full access, if they fail they will only get their restricted access.

Because no matter what they will get restricted access, don't duplicate the resources between the restricted and full access roles.

Sam.

0 Kudos
zanyterp_
Respected Contributor
‎09-19-2010 09:24:PM
‎09-19-2010 09:24:PM

Re: Host Checker status role mapping

In addition to the solution mentioned by @ , you can do the following in your role mapping role on the realm:

create the needed policies on the left and assign ALL roles on the right. Then on the roles that should pass Host Checker to receive them, enable Host Checker to be required (Users>User Roles>roleName>General>Restrictions>Host Checker).

This has the advantage of simplifying your configuration to allow access based on one role mapping rule on the realm but still only provide trusted/full access to trusted computers.

In all instances you will need to have Host Checker evaluate only at the realm.

0 Kudos
gowri_
New Contributor
‎09-21-2010 03:48:AM
‎09-21-2010 03:48:AM

Re: Host Checker status role mapping

Thanks for your suggesions, will try come back if there are any further challenges.

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.