Configuring Automatic Group Membership

Dr.Web Enterprise Security Suite allows to configure the rules of automatic including stations into user groups.

To specify the rules of automatic including stations into a group

1.Select the Anti-virus Network item in the main menu of the Control Center.

2.In the hierarchical list of anti-virus network, select the user group for which you want to specify the membership rules.

3.Open the membership rules editing section by one of the following ways:

In the group properties pane on the right part of the window, in the Configuration section, click icon-filter-sa Group membership rules.

In the control menu, in the General section, select the Group membership rules item.

In the control menu, in the General section, select the Properties item, open the Configuration tab and click icon-filter-sa Group membership rules.

4.In the opened window, specify the conditions under which stations will be included into this group:

a)If the group membership rules have not been specified before, click Add the rule.

b)Set the Set group as primary flag to assign the group for which the rule is being created as the primary group for all stations that will be moved into this group according to this rule.

c)For each block of rules, specify the following settings:

Select one of the options that sets the mode of rules combination inside this block: Matches all conditions, Matches any of conditions, Does not match any of conditions.

In the conditions drop-down lists, select: one of the station parameters that will be checked for compliance with the conditions; the mode of correspondence with this condition and specify the condition string if the station parameter assumes it.
Stations can be combined into groups under the following conditions

   - station name (a set of characters the name contains or a regular expression);

   - IP-address (a set of characters the IP-address contains, the subnet it belong to or a regular expression);

   - description (a set of characters the description contains or a regular expression);

   - station ID (a set of characters the ID contains or a regular expression);

   - newbie (stations are added to the group on the basis of having or not having the newbie status);

   - LDAP DN from Active Directory (a set of characters the LDAP DN contains or a regular expression);

info

To set the LDAP DN from Active Directory parameter

1.Enable the Synchronization with Active Directory task in the Dr.Web Server schedule (Administrating → Dr.Web Server Task Scheduler).

2.In the membership rules, set the necessary DN as a condition string for the LDAP DN from Active Directory parameter, for example:
OU=OrgUnit,DC=Department,DC=domain,DC=com

 

You may use regular expressions only for the matches regular expression option. For all other options, the exact match for the entered string is searched.

Regular expressions briefly described in the Appendices document, in the Appendix J. Regular Expressions Used in Dr.Web Enterprise Security Suite section.

       - operating system installed on the station (Windows, UNIX, MacOS, Android, etc.; the Unknown value is also available);

       - operating system build (a set of characters the build number contains or a regular expression);

        - station platform (the version of the OS installed on the station; for Android, Windows and MacOS only);

        - connection protocol (TCP IP, TCP IPv6, UNIX);

        - Dr.Web Server ID (a set of characters the ID contains or a regular expression);

        - station type (Full Agent, Virtual Agent, Scanning Server).

To add one more condition in this block of rules, click icon-item-add from the right of condition string.

d)To add a new block of rules, click icon-item-add from the right of the block. At this, specify the mode of integration of this block of conditions with other blocks:

AND—conditions of blocks must be carried simultaneously.

OR—conditions at least one of the blocks must be carried out.

5.To save and apply the specified rules, click one of the following buttons:

Apply now—save the specified membership rules and apply these rules immediately to all stations registered on this Dr.Web Server. If a lot of stations are registered on Dr.Web Server, execution of this action may take some time. Rules of stations regrouping are applied to all already registered stations immediately after the action is set and will be applied further to all stations, including the firstly registered on Dr.Web Server, at the moment of their connection.

Apply on stations connect—save the specified membership rules and apply these rules to stations in the moment of their connection to Dr.Web Server. Rules of stations regrouping are applied to all already registered stations at the moment of their next connection to Dr.Web Server and will be applied to all stations firstly registered on Dr.Web Server at the moment of their first connection.

6.When automatic membership rules are specified for a user group, next to the icon of this group in the hierarchical list, the icon-filter-sa icon displays, if the Show membership rules icon flag is set in the icon-tree-settings Settings of tree view list on the toolbar.

info

If the station was automatically included into the user group according to the membership rules, when removing the station from this groups manually makes no sense, because the station will be automatically returned to this group at the next connection to Dr.Web Server.

To remove the rules of automatic including stations into a group

1.Select the Anti-virus Network item in the main menu of the Control Center.

2.In the hierarchical list of anti-virus network, select a user group for which you want to remove the membership rules.

3.Perform one of the following actions:

On the toolbar, click icon-general-remove-membership Remove membership rules.

In the group properties pane on the right part of the window, in the Configuration section, click icon-general-remove-membership Remove membership rules.

In the control menu, in the General section, select the Properties item, open the Configuration tab and click icon-general-remove-membership Remove membership rules.

4.After group membership rules are removed, all stations that have been included into this group automatically will be removed from this group. If for any of automatically included stations, this group was set by administrator as primary, after removing stations from the group, the Everyone group will be set as primary for these stations.