AD user restriction => Provide different privileges to AD users as per roles.
We need to make users restriction which means users authenticated from LDAP have only access on the devices from their team and not of other departments like admin account.
· Check the Roles in System > System Management > User Management
· You need to create different roles with the specific authorization and management group of resources as below :
· The role name must match the Group on the AD which have the users that will be authenticated
The name of the group on the AD that contains the users should match the name of role creates on the esight which specify the authorization roles for these users .
Roles can be pre-defined :
Or can be modified based on your requirements while creating the Role from user management
You need to match the AD group on the AD with the Role created for the AD users in that group.