How wildcards work on access groups segregation flow

LeonArian · March 10, 2023, 3:55pm

Inside the Access Group configuration on the Criteria tab, you can configure the Access group segregation. Besides the information about Site, Device Type, and Credential Type, you can use tags to further segregate the access group.

These fields are free text fields, and you can use the wild card character which is the asterisk (*) in any part of these fields, lets’s see examples of the use this wildcard have.

As an example in the Device field:

win* = This will filter all devices whose hostnames start with ‘win’

*win * = This will filter all devices whose hostnames have ‘win’ in any part of its hostname.

win*-server = This will be all devices that start with ‘win’ and ends with ‘-server’.

Another special value that can be used is the mask [username#], which will replace the username of the account which is logged on senhasegura and that is asking to see a device/credential.

As an example in the Username field:

[username#] = Makes that the user can only see credentials that have the same username as his own.

[username#]-adm = Only credentials that have the composition of the requester’s username and the suffix -adm will be shown.

[username#]* = Will show credentials that have the requester’s username and anything else after it.

jonathasom10 · June 6, 2023, 4:39pm

Where can I find more parameter options to configure in these fields? In the case of a client of ours, it is not possible to configure with the [#USERNAME#] parameter, to make the user who is accessing, see only their credentials, because the administrative credentials of each user do not contain the name in the credential .

LeonArian · June 14, 2023, 1:01pm

You can only use these as parameters for the fields, but you can use tags to better segregate the access workflow.
You can understand this configuration workflow better on the following documentation: Access Groups