Creating Active Directory Console Groups

This procedure describes how to create and Active Directory-based groups.

When creating Active Directory-based groups in ObserveIT, a check will be performed against the domain to make sure that the group exists.

To create an Active Directory group in ObserveIT

In the Configuration > User Management > Console Users tab, click the Add AD Group button.

The Add Console Group dialog box opens in which you can specify the Group Details.
Enter the Group Name.
In Domain Name, enter the required domain for the console group, or select it from the drop-down list which displays all the domains in the Active Directory forest in which the ITM On-Prem (ObserveIT) Application Server is a member.
Click Check Name to verify the group name.

If the group name is verified, a confirmation message is displayed.
If required to change the permissions assigned to the group, from the Role list, select Admin, View-Only Admin, or Config Admin.

By default, the Allow access to "All Endpoints"group check box is selected for new Console Groups, which allows them access to all the deployed ITM On-Prem (ObserveIT) endpoints. If required, you can clear the check box, and then manually grant the Console Group the appropriate access rights to either single ITM On-Prem (ObserveIT) endpoints or to endpoint groups.
Configure the default page that will be displayed when the console group logs in to the Web Console. By default Automatic (Based on Role) is selected, which usually means that the User Risk Dashboard is the default page that opens after login, exposing data that is relevant to the group's user list. If no alerts were assigned to the group, the Endpoint Diary opens by default.

You can change the default page that is displayed upon login by selecting the required option: Endpoint Diary, Admin Dashboard, Alerts, or Insider Threat Intelligence Dashboard.
When you have finished configuring the new Active Directory group, click Add. If required, you can repeat this procedure to add another group.