Securing CA NSM › Data Scoping › User IDs Required for Data Scoping Rule Evaluations › Data Scoping Rule Evaluation Using Windows Local Groups
Data Scoping Rule Evaluation Using Windows Local Groups
You can create Data Scoping rules for local group accounts defined on the local machine. Rules are applied in the following ways:
- If a rule exists for a local group account and the local user account who is authenticated is a member of that local group, the rule applies to that user.
- If there are rules for multiple local groups and the local user who is authenticated is a member of those local groups then, all rules apply.
- If local group rules conflict, an Allow rule takes precedence.
- If rules exist for the specific local user account, these rules are treated the same as any rules that exist for local Groups in which the local user is a member.
More information:
How Data Scoping Order of Precedence Rules Are Applied
Copyright © 2010 CA.
All rights reserved.
|
|