App Control: Adding Azure AD Users/Groups Within Custom Rules
search cancel

App Control: Adding Azure AD Users/Groups Within Custom Rules

book

Article ID: 288858

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Does App Control support adding Azure AD users/groups within Custom Rules?

Environment

  • App Control Server: All Supported Versions
  • App Control Agent: All Supported Versions

Resolution

App Control does not currently support adding Azure AD users/groups within Custom rules due to the difference between on-site AD SIDs and Azure SIDs formats

Additional Information

There is an engineering development ticket for this feature to be added in an upcoming release: EP-17112

As a workaround you can:
  • Add the Azure AD users/groups SID number to the Custom Rule (How to find the Azure SID here)
  • Apply the rule to Authenticated users
  • Apply the rule to all users and secure it with an "OnlyIf" macro to specific computer/s  (e.g. <OnlyIf:HostName:*LSMITH-1*>)
Powered by Wolken Software