Permission filter

Hello,

we are having this problem:

we assigned an employee to an application role , which has a custom permission group (copy of a pre-existing one). In the permission filter tab (relating to the ADSGroup table) of the permission group, we have entered and checked the queries. Then, we logged in to the Manager with the employee (role based) authentication module, but the filters are not applied.

By authenticating with the employee authentication module instead, having the system users assigned to the same authorization group, the filters work.

Moreover, is there a way to give permissions depending on the user who logs in?
e.g.: is it possible to assign permissions based on the logged in user only for certain groups? This is because with the filters mentioned above it is not possible.

We are using One Identity Manager 8.1.3

Thank you

Parents

0 Trevor Pike over 2 years ago

Hi,

Can you provide some screenshots of what you're doing? What "filters" are you referring to?

Do you mean you're entering conditions for the permissions group on the table?

Trevor
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 ernesto filice over 2 years ago in reply to Trevor Pike

Hi, yes I mean entering conditions for the role based permissions group on the table. I can't understand why they work in a not-role based case, but If I create them by copy and I select the role based flag they don't work.
If can help, I noticed that when we perform the login with role based authentication, there are automatically assigned this two permissions group (VI_4_ALLUSER & VI_4_ALLUSER_LOOKUP).

I'm trying to do this, because I want that when a user login into the Manager tool (with auth-role based), he can see the groups he is the manager of and public groups.

Screenshots here:

https://drive.google.com/file/d/1BmmXZ9UFhs3kWJaZDQuFm_smme28wzad/view?usp=sharing

https://drive.google.com/file/d/1pzPFbhFwwDhjqJuvaCO7L3-rwxCpqTw-/view?usp=sharing
Cancel
Up 0 Down

Reply

Verify Answer

Cancel

Reply

0 ernesto filice over 2 years ago in reply to Trevor Pike

Hi, yes I mean entering conditions for the role based permissions group on the table. I can't understand why they work in a not-role based case, but If I create them by copy and I select the role based flag they don't work.
If can help, I noticed that when we perform the login with role based authentication, there are automatically assigned this two permissions group (VI_4_ALLUSER & VI_4_ALLUSER_LOOKUP).

I'm trying to do this, because I want that when a user login into the Manager tool (with auth-role based), he can see the groups he is the manager of and public groups.

Screenshots here:

https://drive.google.com/file/d/1BmmXZ9UFhs3kWJaZDQuFm_smme28wzad/view?usp=sharing

https://drive.google.com/file/d/1pzPFbhFwwDhjqJuvaCO7L3-rwxCpqTw-/view?usp=sharing
Cancel
Up 0 Down

Reply

Verify Answer

Cancel

Children

No Data

Endpoint Privilege Management

Permission filter