Skip to content

Security Group Assignment

There are multiple user accounts, computer accounts, and other groups present in the Active directory. Security groups are used to collect such groups into manageable units and assign them permissions for the shared resources.

This design step allows you to create rules to select specific users using filters and assign them the desired security groups.

Additional to rule based security groups, you can also choose the default security groups which will be assigned to all users in the company.

Note- This is an optional step, you can skip this step if you do not want to assign any security groups by clicking on the Save & Next button.

Security Group Assignment Step

Figure 1. Security Group Assignment step

Security Group Assignment Step

Figure 2. Security Group Assignment step with Multi Domain Controller

How to create a Rule for assigning Security Groups to users?

Once you are on this step you will see a section under the heading Add user to Security Group. This section represents a rule based on which security groups can be assigned to selected users.

Define Security Group Mapping Rule Form

Figure 3. Define Security Group Mapping Rule Form

In a multi-domain controller setup, you can assign security groups to the user from any of the base DN depending on the condition.

Define Security Group Mapping Rule Form

Figure 4. Define Security Group Mapping Rule Form with Multi Domain Controller

Following are the steps to create a rule -

  1. Firstly, you can set up the filters to select the users you want to assign Security groups to. You can create a filter using the following steps -

    • Click on "Choose Attribute" and select employee attribute and operation you want to apply to match that attribute.
    • Next, you get a "Value" field where you type the value you want to match the attribute with and also choose the OU you want to assign.

    Filter example

    Figure 5. Example of a filter

    Filter example

    Figure 6. Example of a filter with Multi Domain Controller

  2. You can add multiple filters using the "AND" and "OR" logic. These logics can be added using the : button present on the right of the value input field.

  3. You can add multiple rows of the above filters using + button inside the box.

    Security Group dropdown to select security groups

    Figure 7. Security Group dropdown to select security groups.

    You can add or delete more rules with different priority using the Add a rule or delete button respectively.

    Add and Collapse Button

    Figure 8. 'Add a rule' and 'Delete' buttons.

Adding default security groups to all users

Additional to rule based security groups, all employees will also be assigned with default security groups. Simply search and select the security groups you want to apply to the entire company.

Default Security Groups Box

Figure 9. Default Security Groups Box to add default security groups

Default Security Groups Box

Figure 10. Default Security Groups with Multi Domain Controller

Import And Export Mapping Rules

Using this feature, you will be able to import all the mapping rules by uploading a .csv or .xlsx file. Also, you can export all the mapping rules as a .csv/.xlsx file.

Import/Export button to import or export file

Figure 11. "Import/Export Mapping Rules" button.

To Import or Export a file you have to first click on Import/Export Mapping Rules button. Clicking on this button will open a Dialog box containing two tabs, one is for importing and other is for exporting the mapping rules. By default if the form is valid you will be redirected to Export tab otherwise the Export tab will remain disabled and you will be redirected to the Import tab.

Importing mapping rules

Steps for importing file:

  1. Choose Import tab from the dialog box.

    Dialog to import file

    Figure 12. Dialog Box For Importing .xlsx or .csv File

  2. Now Click on Choose File button to choose the file you want to import. Clicking on button will open file directory from which you can select .csv or .xlsx file.

    Choose file button to import

    Figure 13. "Choose File" button for choosing file to be imported.

    Widow Directory to choose file to import

    Figure 14. Windows Tab for choosing .xlsx or .csv File.

  3. After doing first 3 steps please wait while your file gets imported and rules get created.

Note - There is the specific format to import file. You can get the format by exporting some mapping rules.

Exporting mapping rules

Steps for exporting file:

  1. Choose Export tab from a dialog box.

    Choose Export Tab

    Figure 15. Dialog Box for Exporting File.

    Choose File Format

    Figure 16. File Formats To Export.

  2. Now Select the file format from the dropdown and click on Export button. Once clicked your file will get exported in the selected format and the name of the file will be Hire2Retire_SG_Mapping_(TimeStamp).

    Export Button

    Figure 17. "Export" button.

AI Insights for Security Group

With RoboMQ’s new AI model, rule sets for SGs can be seamlessly generated. Click the icon adjacent to 'Security Group Memberships' in the workflow, and fill out the form for more details. Upon submission, RoboMQ’s AI team will engage with you, craft rule sets, and deliver you as a CSV file.

AI button for Security Groups

Figure 18. "AI" button.