12: Using Targeting Editor in PolicyPak Cloud Settings

How can I target a User or a Group membership with PolicyPak Cloud based settings?

Summary:

You have a requirement to target PolicyPak Cloud policies to a particular set of groups of Users or a Group only. You want to use the built-in GP Preference method of choosing a group or a user to target those settings via PPC (PolicyPak Cloud). In this KB we will demonstrate how will you do that.

There is going to be two-part steps in targeting PolicyPak Cloud managed settings, aka. Group Policies via PPC to those users or computers.

Part 1:

First step is to getting a SID (Security Identifier) of a User or Group’s Object.

Getting a SID for a USER:

There are two ways you may want to do that. Please follow the steps accordingly.

Way # 1: For Current Logged-in user:

  1. Launch CMD or Windows PowerShell
  2. Run a command whoami /user
  3. Note down a long code as shown in below screenshot:

Way # 2: For Another user:

  1. Launch CMD or Windows PowerShell
  2. Run a command wmic useraccount where name='username' get sid
  3. Copy the output SID of another user for next step:

    Note: All commands in these steps are tested on Microsoft Windows Version 1909 (OS Build 18363.592).

Getting a SID for a GROUP:

In this scenario you may also want to follow either step as per your use-case. So, follow the steps accordingly.

Step # 1: Getting a SID for a Domain Group:

  1. Launch Windows PowerShell on a Domain Controller or a Client-Machine with RSAT tools. Logged-in user has to be an administrator.
  2. Run a command Get-ADGroup -identity “GroupName”
  3. Copy the SID information for later user.

    Note: The command in this step is tested on Microsoft Windows Server 2012 R2 (Build 9600)

Step # 2: Getting a SID for a Local Group:

  1. Launch Windows PowerShell
  2. Run a command (Get-LocalGroup -Name 'GroupName').SID
  3. Copy the SID information to use for next step.

    Note: The command in this step is on Microsoft Windows Version 1909 (OS Build 18363.592)

Part 2:

In this part we will insert the SID, that we extracted by following any of the above step, in PolicyPak Cloud based Internal Item-Level Targeting Filter window.

  1. Launch PolicyPak Cloud Portal
  2. Create a New Policy and select a i.e. Drive Maps from Microsoft Policy Preferences

  3. Click on Mapped Drive drop-down and select Drive option

  4. After filling out the details select ILT button

  5. Click on New Item drop-down at Targeting Editor window
  6. Select User and fill-in the SID from the clipboard

  7. Click Ok button.
  8. If you want to target users from a particular Group then select Group at step 6
  9. Fill in the SID detail of a Group from the clipboard

  10. Click OK button.
  • 868
  • 14-Feb-2020
  • 79 Views