Filter for local account, group or computer

Products PolicyPak Ideas
, ,
1

What is a one sentence summary of your feature request?

Create method to filter options for accounts groups and/or computers

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

Their might be a need to have a local account in the admin group that can execute shell commands that may not be available to other local accounts.

How do you currently solve the challenges you have by not having this feature?

I do not.

1 Like
2

Hi Vlad,

Thanks for the input. Here’s a summary of your request for clarification:

This request is for a policy rule capability that allows conditional application of permissions based on specific users or group membership.

Use Cases:

  • Help desk agents may need to run diagnostic scripts for X application with sudo, which is currently not possible without explicit rules.

  • An administrator may require a breakglass account to use sudo -s for recovery tasks (e.g., fixing a misconfigured sudoers file).

Proposed Workflow:

  • If User = AUser, then apply or exclude a Policy/Collection.

  • If User is a Member of Admin, then apply or exclude a Policy/Collection.

This flexibility would reduce manual workarounds and unnecessary escalations while ensuring controlled privilege elevation.

3

UPDATE: Already on there the roadmap! We have User and Group Support coming for macOS