Previous Topic: Security Policies and GroupsNext Topic: Predefined Groups for Resource Access


Predefined Groups of Users

CA ControlMinder includes predefined groups to which a user can be joined. One such group is the _restricted group. For users in the _restricted group, all files and registry keys are protected by CA ControlMinder. If a file or a registry key do not have an access rule explicitly defined, access permissions are covered by the _default record for that class (FILE or REGKEY).

Use the _restricted group with caution. Users in the _restricted group may not have sufficient authorization to do their work. If you plan to add users to the _restricted group, consider using Warning mode initially. In Warning mode, the audit log shows which files and registry keys users need for their work. After examining the audit log, you can grant the appropriate authorizations and turn Warning mode off.