FAQ

   


FAQs by Category 

Installation Guide


  
FAQ No.:00303 
Category:Advanced Settings; Curtain MonGuard 
 
Question:How to grant control policy by user/user group in Curtain MonGuard?
 
Answer:Control policy of Curtain MonGurard can be applied to computer or user/user group. If you prefer to grant control policy by AD user/user group, you need to connect with AD for importing user information to Curtain MonGuard Admin. When the first time Curtain MonGuard Admin gets a user information, the system will use default control policy for controlling that user/user group. Administrator needs to assign the user/user group to appropriate control policy group manually.

To grant control policy by user/user group, please follow steps stated below to enable "Assignment of User" in Curtain MonGuard Admin.

Steps for enabling "Assignment of User" in Curtain MonGuard Admin:
1. Launch Curtain MonGuard Admin, open File -> Settings -> Assignment of Security Policy.

2. Choose "Assignment of User", and click "OK" button.



Then "User And Group" will be shown in Curtain MonGuard Admin.



3. Done.


Steps for importing users and user groups from AD domain:
1. Launch Curtain MonGuard Admin, open File -> Settings -> LDAP.

2. Check "Enable LDAP" button.

3. Enter LDAP server address, DNS or IP address on "LDAP Server Address".

4. "LDAP Server Port", default port is 389.

5. Recommend to enable "Use Secure LDAP Connection", it means to use secure LDAP connection to AD (default is disable).

6. Enter user name on "LDAP Username" to connect LDAP server.

7. Enter password on "LDAP Password".

8. "LDAP Search Base", enter the root of user or group , should enter CN, OU and DC .
  • for search the whole domain, enter "dc=domain name,dc=domain suffix" (e.g. "dc=test,dc=com")
  • for search the whole group, enter "ou=organizational unit name,dc=domain name,dc=domain suffix" (e.g. "ou=it,dc=test,dc=com")
  • for search single user, enter "cn=username,ou=organizational unit name,dc=domain name,dc=domain suffix" (e.g. "cn=tester,ou=it,dc=test,dc=com")

9. "LDAP Information Caching", for setup caching information of AD (default is 15 minutes).

10. While setting is finished, click "Test connection" button to see whether connect to AD successfully or not.



11. If AD user/user group is imported to Curtain MonGuard Admin successfully, they will be shown under "User And Group" in Curtain MonGuard Admin as below.



12. Done.


Steps to assign users/user groups to different Control Policy Groups:
1. In Curtain MonGuard Admin, select User/Group in left panel. Then, Users/Groups will be listed out in the right panel.



2. Select users/groups (press Ctrl button for multiple selection).

3. Right click and select "Change Policy" to assign users/groups to appropriate Control Policy Group.



4. Repeat Step 2-3 for assigning other users/groups to appropriate policy groups.

5. Done.