Skip to main content
Skip table of contents

Adding endpoints not in AD

In some organizations there is a requirement to secure endpoints not present in the Active Directory Domain. To be able to secure such endpoints you need to create Asset Groups that have a policy configured which allows users to access such endpoints.

Prerequisite

  • The assets not included in AD can be added into Sectona EPM product using the network scan.

  • Only after this step you will be able to levy policies for Asset Groups not in AD

Add an Asset Group

Create an Asset Group Policy

Add an Asset Group

To add a new Asset Group, go to Manage Assets → + Add Asset Group→ Asset Group. Fill in the following details:

Title

Entry Information

Asset Group Name

Enter a unique title for your Asset Group

Group Member Type

Select the Static Group option

Asset Group Description

Enter the details of the asset group

Click on Save after you have completed filling out these details.

Following the completion of these steps you can now view the Asset group in the Asset Group section. Now you can add assets into the asset group using the following steps.

  • Click on the ellipsis (…) icon next to the currently saved access group and select Edit.

  • Click on the Assets tab.

  • Click on the check boxes of the assets (not in AD) that you would like to add in this asset group.

  • Click on the right arrow button to push them to the Asset Group

Now that the Asset Group with the non-AD Endpoint assets is ready, we can create an Asset Group Policy that would be applied to this asset group.

Create an Asset Group Policy

  • Select on Privilege Management from the sidebar and click on Asset Group Policy.

  • On the top right click on +Asset Group Policy.

  • Enter the Policy Overview details.

Title

Entry Information

Policy Name

Enter a unique title for your Policy Name

Policy Description

Enter a brief description about the policy

Asset Group

Select the Asset Group just created from the menu displayed

Allow Elevation Request for Unknown Application

Toggle to activate depending on requirement.

Allow Execution Request for Block Application

Toggle to activate depending on requirement.

Policy Status

Set to Active by Default

After completing these details click on Save.

Now the EPM agent will be able to manage this group of endpoints not present in Active Directory Domain.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.