Configuring basic protection

Permissions are assigned during the installation of EgoSecure Agents. So, even offline clients are provided with basic protection. In the following basic protection configuration, you first block all device classes for online and offline users. Every new user in the Console first gets inherited default user rights. Inheritance can then be disabled for individual users or groups to grant them individual user rights or group rights.

1. Open the EgoSecure Data Protection Console.
2. Go to User management|Control |Directory service structure|Defaultpolicies.
3. In the User management work area, click Default rights (user).
4. In the Devicesandports tab, right-click a device class, and select noaccess. Repeat the procedure for all device classes, and click Save.
5. In the Profile drop-down, select offline and repeat step 4.
6. Select Unknown users in the User management work area and repeat steps 4 and 5.

Basic protection for new users is set. The basic protection takes effect once an EgoSecure Agent is activated.

Synchronizing directory services

The Active Directory/NDS/LDAP/Azure AD synchronization allows for:

• Transferring users and groups from the existing directory service into the EgoSecure database.
• The Active Directory schema synchronizes as is, no changes are made.
  

  Before the first synchronization, define default rights for users in User management |Defaultpolicies.