Skip to content

Security Group Memberships

Active Directory contains various user accounts, computer accounts, and groups. To simplify management and control access to shared resources, security groups are used to organize these entities into logical units with assigned permissions.

Besides rule-based security groups, you also have the option to assign default security groups that apply to all users across the organization.

Note- This step is optional. If you prefer not to assign any security groups at this stage, you can proceed by clicking the Save & Next button.

Security Group Memberships Step

Figure 1. Security Group Memberships step

Security Group Memberships Step

Figure 2. Security Group Memberships step with Multi-Domain Controller

How to create a Rule for assigning Security Groups to users?

When you reach this step, you'll find a section titled Security Group Memberships. This area allows you to define rules that determine how security groups are assigned to users.

Each rule acts as a filter or condition that helps automatically associate specific users with the appropriate security groups based on attributes such as department, job title, location, or other criteria.

Define Security Group Mapping Rule Form

Figure 3. Define Security Group Mapping Rule Form

In a multi-domain controller setup, security groups can be assigned from any Base DN. Assignments are based on defined conditions, enabling flexible cross-domain group management.


Define Security Group Mapping Rule Form

Figure 4. Define Security Group Mapping Rule Form with Multi-Domain Controller

Here’s how to create a rule for assigning security groups -

  1. Start by configuring filters to identify the users who should be assigned to specific security groups. To do this: -

    • Click on "Choose Attribute", then select the desired employee attribute and the condition you want to apply for matching.
    • After that, enter the appropriate value in the "Value" field and select the Organizational Unit (OU) where the group should be assigned.

    Filter example

    Figure 5. Example of a filter

    Filter example

    Figure 6. Example of a filter with Multi-Domain Controller

  2. You can add multiple filters using the "AND" and "OR" logic. These logics can be added using the : button present on the right of the value input field.

  3. You can add multiple rows of the above filters using + button as shown below.

    Security Group dropdown to select security groups

    Figure 7. Add button to add multiple rows

    You can manage multiple rules with varying priorities by using the "Add a rule" button to create new rules or the "Delete" button to remove existing ones.

    Add and Collapse Button

    Figure 8. 'Add a rule' and 'Delete' buttons.

Adding default security groups to all users

Alongside rule-based group assignments, you can also apply default security groups to every user across the organization. Just search for the desired groups and select them to ensure they are automatically assigned to all employees.

Default Security Groups Box

Figure 9. Default Security Groups Box to add default security groups


Default Security Groups Box

Figure 10. Default Security Groups with Multi-Domain Controller

Import And Export Mapping Rules

This feature allows you to conveniently manage mapping rules by importing them from a .csv or .xlsx file. Additionally, you can export all existing mapping rules into a .csv or .xlsx format for backup or reuse.

Import/Export button to import or export file

Figure 11. "Import/Export Mapping Rules" button.

To import or export a file, start by clicking the Import/Export Mapping Rules button. open a dialog box with two tabs—Import and Export. By default, if the form is valid, you'll be directed to the Export tab. If the form is invalid, the Export tab will be disabled, and you'll be taken to the Import tab instead.

Importing mapping rules

Steps you need to follow to import a file:

  1. Choose the import tab from the dialog box.

    Dialog to import file

    Figure 12. Dialog Box for Importing .xlsx or .csv File

  2. Now click the Choose File button. This action will open a file explorer where you can select a .csv or .xlsx file to upload.

    Choose file button to import

    Figure 13. "Choose File" button for choosing the file to be imported.

    Widow Directory to choose file to import

    Figure 14. Windows Tab for choosing .xlsx or .csv File.

  3. After doing the first 2 steps, please wait while your file gets imported, and rules get created.

Exporting mapping rules

Steps for exporting file:

  1. Choose the Export tab from a dialog box.

    Choose Export Tab

    Figure 15. Dialog Box for Exporting File.

    Choose File Format

    Figure 16. File Formats to Export.

  2. Now Select the file format from the dropdown and click on Export button. Once clicked your file will get exported in the selected format and the name of the file will be Hire2Retire_SG_Mapping_(TimeStamp).

    Export Button

    Figure 17. "Export" button.

AI Insights for Security Group

RoboMQ’s latest AI model allows for effortless creation of rule sets for Security Groups. Simply click the icon next to 'Security Group Memberships' in the workflow and complete the form to provide the necessary information. Once submitted, the RoboMQ AI team will review your request, generate the rule sets, and send them to you in a CSV file

AI button for Security Groups

Figure 23. "AI" button.