Group Member Approval Action

This action can be used for approvals that are based on a group membership authentication of the approver.

  1. Navigate to Admin | Actions.

  2. Search and select Group Member Authenticated Message Action.

  3. Click Duplicate.

  4. Name your new action and click Create.

    group approval action

  5. Customize the Action based on your specific business requirements.

  6. Verify the By the member of the group: is active and a group is listed below the button. If you ever need to change it, come back to this page and click the group name to access the change modal.

  7. Determine the state of the Verify group membership via Domain Controller(s) check box.

    This option relies on the ability of computers to contact their domain controllers in real time to authenticate users and refresh group memberships.

    If enabled, the IBM Security agent will contact a domain controller to re-authenticate the user and refresh group memberships each time this action is invoked. If a domain controller cannot be contacted, authentication will be controlled by the Verify Group Membership radio buttons.

    If disabled, the IBM Security Agent will use the group membership information that is present in the user's desktop session, which reflects the group memberships that were in effect when the user logged on to their desktop and may no longer be accurate.

  8. Click Save Changes.

  9. Navigate to your computer group's Application Policies, click Create Policy or find an existing policy that you want to use for these approvals.

  10. Under the Actions section, search for and add the action you previously created.

  11. Click Save Changes.

  12. Click the i next to Deployment and select Resource and Collection Targeting Update to immediately send the policy to your endpoint agents.

Policies also automatically update according to a schedule.

Related topics: