VMware Horizon Community
system32AUT
Enthusiast
Enthusiast
Jump to solution

Group Membership Conditions: user is a member of the specified group or a child from this group ?

Hi, is there a way that we can check if a user is a member of the specified group or a child of this group ?

i.e.:      Global AD Security Group:     ABC-Sec1 and this AD Security Group holds 12 more AD Security group like ABK-SecA1, SecA2, SecA3 and so on... If a user is Member of one of the 12 Groups the Conditions should be true but now it isn´t true because it just check the "Main-Mother" Group and not the 12 Childs...

Thanks and Greetings from Austria

Dominik

1 Solution

Accepted Solutions
ijdemes
Expert
Expert
Jump to solution

I know exactly what you mean. And that's also what I successfully tested. Let me explain.

User A is member of Global Group, which is member of Local Group, which is used to present shortcut

UserA --> Global Group --> Local Group --> Shortcut in UEM --> Successfully made available to UserA

User A is member of Global Group, which is member of Global Group, which is used to present shortcut

UserA --> Global Group --> Global Group --> Shortcut in UEM --> Successfully made available to UserA

I am still curious to see what is logged in the FlexEngine.log file.


\\ Ivan
---
Twitter: @ivandemes
Blog: https://www.ivandemes.com

View solution in original post

6 Replies
Sravan_k
Expert
Expert
Jump to solution

I never tried this scenario on my environment but will give a try and will provide my feedback

what version of UEM are you using?

Regards,

Vkmr.

Reply
0 Kudos
system32AUT
Enthusiast
Enthusiast
Jump to solution

We using 9.1 for Win7 SP1 x64 and UEM 9.3 for Win 1709, Thanks Vkmr!

Reply
0 Kudos
ijdemes
Expert
Expert
Jump to solution

Hi Dominik,

UEM is group nesting 'aware'. I have double checked it with global groups in locals and global groups in global groups. What particular problem do you have? Can you post a flexengine debug log?


\\ Ivan
---
Twitter: @ivandemes
Blog: https://www.ivandemes.com
system32AUT
Enthusiast
Enthusiast
Jump to solution

Hi @ijdemes , well.... We have around 300 Users which must get a specific link and this 300 Users are in one of this global AD security Groups:

pastedImage_0.png

so... if a User is in the main AD security Group RZ-PWSAFE, he gets the link because we set it in UEM so:

pastedImage_5.png

.... but if the user is in one of the 16 child-ad-security Groups which are member of the main ad-security Group he doesent get the link because UEM think he isn´t in the main ad group...?

so we have to to this:

pastedImage_6.png

...which is not our style and thinking of digital secure automated IT workplace Smiley Happy

So maybe we can get a new option like this:

pastedImage_9.png

U know what I mean?

kind regards,

Dominik

Reply
0 Kudos
ijdemes
Expert
Expert
Jump to solution

I know exactly what you mean. And that's also what I successfully tested. Let me explain.

User A is member of Global Group, which is member of Local Group, which is used to present shortcut

UserA --> Global Group --> Local Group --> Shortcut in UEM --> Successfully made available to UserA

User A is member of Global Group, which is member of Global Group, which is used to present shortcut

UserA --> Global Group --> Global Group --> Shortcut in UEM --> Successfully made available to UserA

I am still curious to see what is logged in the FlexEngine.log file.


\\ Ivan
---
Twitter: @ivandemes
Blog: https://www.ivandemes.com
system32AUT
Enthusiast
Enthusiast
Jump to solution

well... We just test it again and it works now, thank you ijdemes​ for your effort and time!