Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: Adding Azure AD Users/Groups Within Custom Rules

App Control: Adding Azure AD Users/Groups Within Custom Rules

Environment

  • App Control Server: All Supported Versions
  • App Control Agent: All Supported Versions

Question

Does App Control support adding Azure AD users/groups within Custom Rules?

Answer

App Control does not currently support adding Azure AD users/groups within Custom rules due to the difference between on-site AD SIDs and Azure SIDs formats

Additional Notes

There is an engineering development ticket for this feature to be added in an upcoming release: EP-17112

As a workaround you can:
  • Add the Azure AD users/groups SID number to the Custom Rule (How to find the Azure SID here)
  • Apply the rule to Authenticated users
  • Apply the rule to all users and secure it with an "OnlyIf" macro to specific computer/s  (e.g. <OnlyIf:HostName:*LSMITH-1*>)

Labels (1)
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎11-15-2022
Views:
666
Contributors