Configuring Automatic Group Membership

Dr.Web Enterprise Security Suite allows to configure the rules of automatic including stations into user groups.

To specify the rules of automatic including stations into a group

1.Select the Anti-virus Network item in the main menu of the Control Center.

2.In the hierarchical list of anti-virus network, select the user group for which you want to specify the membership rules.

3.Open the membership rules editing section by one of the following ways:

In the group properties pane on the right part of the window, in the Configuration section, click icon-filter-sa Group membership rules.

In the control menu, in the General section, select the Group membership rules item.

In the control menu, in the General section, select the Properties item, open the Configuration tab and click icon-filter-sa Group membership rules.

4.In the opened window, specify the conditions under which stations will be included into this group:

a)If the group membership rules have not been specified before, click Add the rule.

b)Set the Set group as primary flag to assign the group for which the ruse is creating, as a primary automatically for all stations that will be moved into this group according this rule.

c)For each block of rules, specify the following settings:

Select one of the options that sets the mode of rules combination inside this block: Matches all conditions, Matches any of conditions, Does not match any of conditions.

In the conditions drop-down lists, select: one of the station parameters that will be checked for compliance with the conditions; the mode of correspondence with this condition and specify the condition string if the station parameter assumes it.

info

To set the LDAP DN from Active Directory parameter

1.Enable the Synchronization with Active Directory task in the Server schedule (Administrating → Dr.Web Server Task Acheduler).

2.In the membership rules, set the necessary DN as a condition string for the LDAP DN from Active Directory parameter, for example:
OU=OrgUnit,DC=Department,DC=domain,DC=com

 

You may use regular expressions only for the matches regular expression option. For all other options, the exact match for the entered string is searched.

Regular expressions briefly described in the Appendices document, in the Appendix J. Regular Expressions Used in Dr.Web Enterprise Security Suite section.

To add one more condition in this block of rules, click icon-item-add from the right of condition string.

d)To add a new block of rules, click icon-item-add from the right of the block. At this, specify the mode of integration of this block of conditions with other blocks:

AND—conditions of blocks must be carried simultaneously.

OR—conditions at least one of the blocks must be carried out.

5.To save and apply the specified rules, click one of the following buttons:

Apply now—save the specified membership rules and apply these rules immediately to all stations registered on this Server. If a lot of stations are registered on the Server, execution of this action may take some time. Rules of stations regrouping are applied to all already registered stations immediately after the action is set and will be applied further to all stations, including the firstly registered on the Server, at the moment of their connection.

Apply on stations connect—save the specified membership rules and apply these rules to stations in the moment of their connection to the Server. Rules of stations regrouping are applied to all already registered stations at the moment of their next connection to the Server and will be applied to all stations firstly registered on the Server at the moment of their first connection.

6.When automatic membership rules are specified for a user group, next to the icon of this group in the hierarchical list, the icon-filter-sa icon displays, if the Show membership rules icon flag is set in the icon-tree-settings Settings of tree view list on the toolbar.

info

If the station was automatically included into the user group according to the membership rules, when removing the station from this groups manually makes no sense, because the station will be automatically returned to this group at the next connection to the Server.

To remove the rules of automatic including stations into a group

1.Select the Anti-virus Network item in the main menu of the Control Center.

2.In the hierarchical list of anti-virus network, select a user group for which you want to remove the membership rules.

3.Perform one of the following actions:

On the toolbar, click icon-general-remove-membership Remove membership rules.

In the group properties pane on the right part of the window, in the Configuration section, click icon-general-remove-membership Remove membership rules.

In the control menu, in the General section, select the Properties item, open the Configuration tab and click icon-general-remove-membership Remove membership rules.

4.After group membership rules are removed, all stations that have been included into this group automatically will be removed from this group. If for any of automatically included stations, this group was set by administrator as primary, after removing stations from the group, the Everyone group will be set as primary for these stations.