Role Based Access Control and Permissions management

Owned by Mark Zuk
Last updated: Mar 24, 2024
3 min read

Web access permissions

For On-Premises Deployment of GYTPOL

After the initial setup, the GYTPOL web UI is accessible to the "Authenticated Users" domain group. However, it is possible to restrict access to the web UI by creating a specific security group that includes only users who should be allowed access. The permissions for each member can then be established and controlled through the "Roles and Permissions" screen, as illustrated below.

To limit access to the web UI, you have the option to establish a GYTPOL access group, such as "GYTPOL Web Access”. To implement this restriction, make sure to add the created group to the "websrv_config.json" file located at "c:\gytpol\data\webSRV" folder as demonstrated in the example below:

Ensure that you maintain JSON formatting and utilize a double slash for the domain\group value.

For SaaS Deployments

If SAML integration hasn't been set up, you can request your GYTPOL Customer Success Manager to create local users in your cloud tenant.

If you prefer to use SAML IdP, please refer to this guide: SaaS IdP (SAML) Integration Manual

Role based access control setup

Please open the GYTPOL UI and click the gear icon Settings Roles & Permissions

Write the desired role name (i.e., Full Admin, Security Team Admins, Windows Server team etc.)

Add Scope

Select the relevant scope, i.e., Admin for Full Admin access, Windows endpoints or servers, Linux etc.

Once added, you can add additional permission scopes if needed.

On-Prem deployment:

Click the "Add member" button and input the appropriate username to associate it with the chosen scope, then click "Add”. Please note that the username should follow the syntax DOMAIN\USERNAME, and AD Security Groups are not supported in this context.

It is important to keep in mind that the user, even when added to specific scopes, must be a member of the groups utilized for GYTPOL access and management. The relevant groups can be found in the "websrv_config.json" file located at "c:\gytpol\data\webSRV” as explained in the Web access section.

SaaS deployment:

Please choose the user from the dropdown list of users.

  1. You can add additional users to that role. Once finished, click Apply.

  2. Refresh GYTPOL homepage and access Roles and Permissions page.

  3. The effective access permissions will be displayed in bold format.