I need to set policies based on user groups so that same policies to be applied no matter user logs in any computers.
These are prerequisite to be achieved the goal,
- Application Blade enabled
- URL Filtering Blade enabled
- Identity Awareness
Let's assume we like to allow OneDrive for specific users only.
Firstly we need to set a user group who can access OneDrive.
Click on New button on right top from SmartConsole and drill down to More -> User -> Access Role
Name the rule and set up policy and add the group we created and add required services for Microsoft OneDrive.
Then new window pops up. Click on Users and select Specific users/groups and then click on + button.
Another new windows pops up and you can add users for the OneDrive.
You can search the user and click on + button in front of user name.
Repeat previous step to add all desired users then click OK button.
Now we are going to set up policy to allow OneDrive for the user group we just created.
Click on SECURITY POLICIES button on left panel. And Select App & URL Filtering under Access Control.
Click on Add rule above or Add rule below button to create a new rule.
Now click on Publish button and then Install Policy button to apply the new rule.
All set now. Only users in the group are allowed to access Microsoft OneDrive. Of course you need a deny policy for OneDrive access at bottom of policies.
COMMENTS