Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Environment

EDR Server: 7.7.0 and Higher

Objective

How to set enhanced permissions for ADFS integration

Resolution

In the /etc/cb/sso/attr_map.ldap.py, add the permissions to your team mappings

team_mappings = {
    'team1': {
        'teams': ['Analysts', 'Team1'],
        'permissions': ['ban_hash_execute', ‘live_query_execute']
    }
}

Additional Notes

Available team mapping permissions

global_admin
ban_hash_execute
isolate_sensor_execute
tamper_protection_execute
uninstall_sensor_execute
livequery_execute

Article Information

Author:

Creation Date:

‎07-11-2022

Views:

209