cancel
Showing results for 
Search instead for 
Did you mean: 

SA4500 access restrictions based on a user rule OR a computer rule?

isnsrti_
New Contributor

SA4500 access restrictions based on a user rule OR a computer rule?

Hi,

Due to licencing changes to our Microsoft Enterprise Agreement, I'm looking to restrict access to either remote COMPUTERS which are joined to our domain OR the USERS are members of an AD group.

The first I can do in a Host Checker registry rule, the second I can do in a role mapping rule, however in this case the clients would need to satisfy both. Does anyone know if there's a way of granting access based on a computer rule OR a user rule?

Thanks

Russell

1 REPLY 1
zanyterp_
Respected Contributor

Re: SA4500 access restrictions based on a user rule OR a computer rule?

Can you clarify your query further: do you mean to have users login with username/password for group-based role mapping only OR username/password and the machine is a domain machine based on the Host Checker only rather than group membership?

You can have a rule that maps based on groups

You can have a rule that maps based on the Host Checker policy

You can do custom expressions that map roles based on both items being true.

Does that help?