1. Manuals
  2. Brands
  3. EdgeWave Manuals
  4. Network Hardware
  5. iPrism Web Security
  6. Administration manual

Nested Groups - EdgeWave iPrism Web Security Administration Manual

Hide thumbs
Table of Contents

Advertisement

iPrism
Whatever defines the group (DOMAIN or groupname) can be wildcarded (replaced with a single
asterisk (*)). The asterisk wildcard means that all domains or all groups are covered by the
mapping entry. An example of this convenience is if you want members of the 'staff' group (in any
domain) to be mapped to the MonitorAll profile:
( [*\staff > MonitorAll] )
Likewise, a wildcard can be used in the group position to cover all groups within a particular
domain (e.g., [DOMAIN\* > BlockOffensive] ).
The Web Fallback and Application Fallback profiles are checked last and have the implied [*\* >
default profile] map.
The default profile should be carefully assigned, since any user who is not a member of one of
the group mappings will be associated with this profile. A common strategy is to plan that most
users will obtain the default profile, and use explicit mappings on the list for exceptions.
Note: Since *\* is implicitly mapped to the default profile, explicitly mapping *\*
on the list is not allowed.
In summary, an effective way to view mappings is to set the default profile as what most users will be
controlled by. Exceptions to the default profile can be configured via mappings, with the most specific
exceptions to be ordered at the top.

Nested Groups

When iPrism is joined to a Windows directory service that supports nested groups, such as Server
2000/2003 or Server 2008 mode, iPrism also supports nested groups.
Nested groups are supported when the iPrism is joined in either Server 2000/2003 or Server 2008
mode and the Windows domain controller is running in Windows 2000 Native mode or higher.
(Windows domain controllers running in Windows 2000 mixed mode do not support nested groups.)
When nested groups are in use, groups may be members of other groups. A user who is a member
of a group is also a member of any group of which that group is a member; e.g., if there is a group
"Color Printer Users", and this group is a member of the group "Printer Users", any user who is a
member of the "Color Printer Users" group is also a member of the "Printer Users" group.
Chapter 4 Users & Networks
Administration Guide
60

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the iPrism Web Security and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for EdgeWave iPrism Web Security

Related Products for EdgeWave iPrism Web Security

Table of Contents