Application Control: Apply rules to Active Directory Users/Groups
Astaro please include application control rules applicable to users group in AD. Very important to include.
Although it is possible to use AD groups for App Control right now, there are limitations. We want to make it consistent with Web Filtering policies. We are considering this feature as a candidate for a future release.
William Piovezan commented
I can confirm using the last 9.4 version even with STAS that Application Control still only recognizes IP source host network definitions. User/group network definitions are not supported.
So this is definitively a feature request to improve Application Control management.
Jason Walker commented
What is the status on this?? Very important feature for us.
What about support for Active Directory in a pure IPv6 environment. Currently you can only implement an Authentication server over IPv4.
Is their any update about this feature? I tried to build an allow rule before the block rule. But it is only working with Host and Networks Objects. User and usergroups are not working. A really important feature as special users need special access.
Carlos Rocha commented
....Although it is possible to use AD groups for App Control right now....
Can you give us some details of the actual implementation ? Tried almost everything and AD groups does not work at all on APP control.
We have a much more another Functions, which based on User-names.
It's unusual, that it not work for Application control!
And we have possibility to Choose it in web-UI!
Customers don't understand this behavior! (
Hi every one commented
Hi every one
I also need this feature to be available where certain users are able to bypass the rules of the UTM. i.e they just use the utm as a internet gateway and exempted from any rules imposed on them....
Markus Knappe commented
I also desperately need. WebSecurity can be defined in a user-level, applicationcontrol only in a network-level.
Please implement that application control can be defined in a user-level with AD.
Bob Alfson commented
I can't find it now, but there is a similar request for being able to use AD-authenticated backed groups to define Departments in Reporting. Maybe an admin could find the various suggestions and group them.
Here's where BangkokBob and I discussed this on the User BB: http://www.astaro.org/astaro-gateway-products/management-networking-logging-reporting/39846-web-security-reporting-8-202-a.html
Cheers - Bob