Anchor | ||||
---|---|---|---|---|
|
Easy heading | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
For On-Premises Deployment of GYTPOL
After the initial setup, the GYTPOL web UI is accessible to the "Authenticated Users" domain group. However, it is possible to restrict access to the web UI by creating a specific security group that includes only users who should be allowed access. The permissions for each member can then be established and controlled through the "Roles and Permissions" screen, as illustrated below.
...
Ensure that you maintain JSON formatting and utilize a double slash for the domain\group value.
For SaaS Deployments
If SAML integration hasn't been set up, you can request your GYTPOL Customer Success Manager to create local users in your cloud tenant.
If you prefer to use SAML IdP, please refer to this guide: SaaS IdP (SAML) Integration Manual
Role based access control setup
Once the server installation/update is complete, and the previously mentioned modifications have been applied, please proceed with the RBAC setup.
Please open the GYTPOL UI and click the gear icon Settings Roles & Permissions
...
Write the desired role name (i.e., Full Admin, Security Team Admins, Windows Server team etc.)
Add Scope
...
Select the relevant scope, i.e., Admin for Full Admin access, Windows endpoints or servers, Linux etc.
Once added, you can add additional permission scopes if needed.
...
On-Prem deployment:
Click the "Add member" button and input the appropriate username to associate it with the chosen scope, then click "Add”. Please note that the username should follow the syntax DOMAIN\USERNAME, and AD Security Groups are not supported in this context.
It is important to keep in mind that the user, even when added to specific scopes, must be a member of the groups utilized for GYTPOL access and management. The relevant groups can be found in the "websrv_config.json" file located at "c:\gytpol\data\webSRV” as explained in the Web access section.
...
SaaS deployment:
Please choose the user from the dropdown list of users.
...
You can add additional users to that role. Once finished, click Apply.
Refresh GYTPOL homepage and access Roles and Permissions page.
The effective access permissions will be displayed in bold format.
...