Kurt De Jaeger Posted April 29, 2019 Share Posted April 29, 2019 Hello, We want to connect PWS with AD and use AD Security Groups with already all our 200 persons in it. We've already created dedicated AD groups and want to start putting our existing department groups in it. Like this, we use the existing once and don't have to do double work again to put everyone in those pws ad security groups. But we also want to create an AD security group and put members in it who doesn't have to have access to pws but still can work in our domain. You can import ad groups and set to View - Modify or Administrator ... but how to set to a group NOT to have access to pws? Cheers K Link to comment Share on other sites More sharing options...
support Posted April 30, 2019 Share Posted April 30, 2019 Hi Kurt, Unfortunately the purpose of our security Groups are to automatically users into the system for the purpose of logging into the system, and applying permissions throughout the software. What you could possibly do is disable their accounts once they have been imported into Passwordstate, as this would free up licenses? Would this help at all? To help me understand a bit more about what you are asking for, can I ask why you would put users in a security group who you do not want to give access to Passwordstate? Are you hoping to use them in a Password Record or something like that, so you can automatically reset their password? Maybe you could use the API to script adding these users into password records if this is what you are hoping to achieve? Regards, Support. Link to comment Share on other sites More sharing options...
Kurt De Jaeger Posted May 2, 2019 Author Share Posted May 2, 2019 Hello, So ... Hope I can explain. We want to do the user management in AD and not in PWS (PasswordState) I know in PWS you can select 1 individual user (or more) and disable them so they can't access PWS anymore. But we want to use AD and put members in AD SecurityGroups. We thought of import an AD group with NoAccess or AccessDenied permissions. So I though on setting the permissions of that AD group in PWS to No Access, but still import them in PWS. Every engineer is in a security group in AD already and we don't want to redo everything in PWS. We have trainees that need access to our network, but not in PWS. So if that trainee is also in the group PWS_NOACCESS then he can do his job without accessing PWS. Hope this makes sense and you understand what I'm trying to achieve. The management can be done in AD this way. Cheers Kurt Link to comment Share on other sites More sharing options...
support Posted May 2, 2019 Share Posted May 2, 2019 Hi Kurt, Sorry, but your only option here is to use different Security Groups - any security groups you've added into Passwordstate, then members of this security group would have access to Passwordstate, and any Password Lists you've applied permissions to. So only import Security Groups for users who you wish to have access to Passwordstate. Regards Click Studios Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.