02-13-2015 12:35 PM - edited 03-10-2019 10:27 PM
I am trying to create an AuthZ policy that will identify if a device is in specific Endpoint Identity Group. See policy below.
I used the IdentityGroup:Name attribute Equals the Identity Group MAB_Devices. Please note that there are NO Identity groups listed in the dropdown options, so I typed in the name. Alas, the rule is not working. Anyone have advise on what I am doing wrong? Thx
Solved! Go to Solution.
02-13-2015 01:09 PM
You can choose the Endpoint Identity Group on the Authorization Policy before you specify any conditions. Will that meet your requirements?
Where it says If [Any] and [Conditions] when you create a new rule.
02-13-2015 01:09 PM
02-15-2015 09:26 AM
Bransomar, your screenshot is an Authentication policy rule but you should do it in Authorization policy. Authentication policy sorts out requests by request method and origin and assigns an identity store to each.
02-16-2015 02:41 PM
Yes, thank you. That worked!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide