To enable password management, access to endpoints or apply policies, assets & users must be part of a group. Using groups can help to simply user management as changes are applied to all members of the group. You can group users based on location or any common or shared traits. For example System administrators in Dubai. Similarly you can group assets based on platform types or department wise.
User groups are simple grouped information while assets groups can be based on dynamic or static in nature. For example assets groups based on Active Directory groups.
Grouping assets and users into group helps the PAM administrator to give granular access to the endpoints by making them part of Access Policy.
You can use multiple policies to define which users can which assets based on group membership via Active Mapping policies in the system.
This section includes: