Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Image Removed

When enforcing Group Membership, you will be able to include or exclude the following from the group:

  • Built-in users
  • Domain groups
  • Users
  • Provisioned Users

Creating a Provisioned User in a new Provisioned Group is different from Creating Provisioned Users to PoliciesWhen you create a provisioned user in a new provisioned group, it is different from creating provisioned users to apply to policies. For example, when you are creating a New Provisioned Groupcreate a new provisioned group, you decide to also create a new Provisioned User provisioned user called "Arellia Thycotic Admin". This ; this is the Local Administrator Account that the IT Staff will use. As a local account, Arellia account for IT to use. Thycotic models the local account as Provisioned Usera provisioned user. In the "Group Membership" case, the Provisioned User case of group membership, the provisioned user acts as a placeholder within the group and is used to define this Provisioned User . In other words, this provisioned user is defined within the context of the group.

Keep in mind that for provisioned users to work you must include them in a policy or task. (For instructions about including provisioned users in a policy or task, go to Apply Provisioned Group.)

To create a provisioned user for group membership, do the following steps:

  1. In the Thycotic Security Manager, go to the Policies tab.
  2. In the file library in the left pane, navigate to Thycotic Solutions > Local Security > Resources > Provisioned Users.
    Image Added
  3. Right-click Provisioned Groups and click New > Provisioned User Groups, or in the right pane click the New button.
    Image Added
  4. In the New Provisioned User dialog box under Settings > Account, select Named and enter the user name.
  5. In the Full name field, enter the user's full name.
  6. Select the Password never expires check box.
  7. Click Save.

    Image Added 
Info
titleTip

After you create a Provisioned User, leave the new Provisioned User in the Local Users group or add the new Provisioned User to the Administrators Group (for instructions, go to Add a new provisioned user to the administrators provisioned group).