How can I target a User or a Group membership with PolicyPak Cloud based settings?
You have a requirement to target PolicyPak Cloud policies to a particular set of groups of Users or a Group only. You want to use the built-in GP Preference method of choosing a group or a user to target those settings via PPC (PolicyPak Cloud). In this KB we will demonstrate how will you do that.
There is going to be two-part steps in targeting PolicyPak Cloud managed settings, aka. Group Policies via PPC to those users or computers.
First step is to getting a SID (Security Identifier) of a User or Group’s Object.
There are two ways you may want to do that. Please follow the steps accordingly.
whoami /user
Note down a long code as shown in below screenshot:
wmic useraccount where name='username' get sid
Copy the output SID of another user for next step:
Note: All commands in these steps are tested on Microsoft Windows Version 1909 (OS Build 18363.592).
In this scenario you may also want to follow either step as per your use-case. So, follow the steps accordingly.
Get-ADGroup -identity “GroupName”
Copy the SID information for later user.
Note: The command in this step is tested on Microsoft Windows Server 2012 R2 (Build 9600)
(Get-LocalGroup -Name 'GroupName').SID
Copy the SID information to use for next step.
Note: The command in this step is on Microsoft Windows Version 1909 (OS Build 18363.592)
In this part we will insert the SID, that we extracted by following any of the above step, in PolicyPak Cloud based Internal Item-Level Targeting Filter window.
Create a New Policy and select a i.e. Drive Maps from Microsoft Policy Preferences
Click on Mapped Drive drop-down and select Drive option
After filling out the details select ILT button
Select User and fill-in the SID from the clipboard
Fill in the SID detail of a Group from the clipboard