Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 28 subscribers
  • Views 4749 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD OU Groups Do Not Work

James Walter

Due to the XG not supporting nested AD Group membership, or even the ability to be a member of multiple groups, I was hoping that OU Based Groups would be the answer. Unfortunately it does not appear that OU based Groups do anything at all.  If I import an OU e.g. "OU=Test,OU=Domain Users", a member of that OU, with no other AD Group membership other than Domain Users, is still assigned to the Open Group.  There seems to be absolutely no function to OU based groups. Is this really the case?

 

I assume that even if this did work as expected it still wouldn't be the answer to my issues due to the strange limitation of single group membership for users. Trying to manage 12,000 students across multiple sites with these limitations and complete lack of granularity mean that it is turning into an administrative nightmare.  Will multiple group membership ever be supported?



This thread was automatically locked due to age.
Parents
  • 0

    Hey James,

     

    I know your pain!

    What I did was create Security Groups - Sophos-User, Sophos-Elevated, Sophos-Admin and each member is a member of one of those groups.

    Then I import those users in the STAS and apply web policies based on their Security Group level

     

    Sophos-user = no social media etc

    Sohos-Elevated = Social media and access to more web but no executables etc

    Sohops-admin - exe files and few restrictions

    Then set the XG to apply the default Sophos-Users to anyone new.

     

    Works well

Reply
  • 0

    Hey James,

     

    I know your pain!

    What I did was create Security Groups - Sophos-User, Sophos-Elevated, Sophos-Admin and each member is a member of one of those groups.

    Then I import those users in the STAS and apply web policies based on their Security Group level

     

    Sophos-user = no social media etc

    Sohos-Elevated = Social media and access to more web but no executables etc

    Sohops-admin - exe files and few restrictions

    Then set the XG to apply the default Sophos-Users to anyone new.

     

    Works well

Children
No Data