FAQs by Category 

Installation Guide

FAQ No.:00211 
Category:Advanced Settings 

Question:How to grant control policy by user/user group?
Answer:Control policy of Curtain e-locker can be applied to computer or user/user group. If you prefer to grant control policy by AD user/user group, you need to connect with AD for importing user information to Curtain Admin. When the first time Curtain Admin gets a user information, the system will use default control policy for controlling that user/user group. Administrator needs to assign the user/user group to appropriate control policy group manually.

To grant control policy by user/user group, please follow steps stated below to enable "Assignment of User" in Curtain Admin.

Steps for enabling "Assignment of User" in Curtain Admin:
1. Launch Curtain Admin, open File -> Settings -> Assignment of Security Policy.

2. Choose "Assignment of User", and click "OK" button.

Then "User And Group" will be shown in Curtain Admin.

3. Done.

Steps for importing users and user groups from AD domain:
1. Launch Curtain Admin, open File -> Settings -> LDAP.

2. Check "Enable LDAP" button.

3. Enter LDAP server address, DNS or IP address on "LDAP Server Address".

4. "LDAP Server Port", default port is 389.

5. Recommend to enable "Use Secure LDAP Connection", it means to use secure LDAP connection to AD (default is disable).

6. Enter user name on "LDAP Username" to connect LDAP server.

7. Enter password on "LDAP Password".

8. "LDAP Search Base", enter the root of user or group , should enter CN, OU and DC .
  • for search the whole domain, enter "dc=domain name,dc=domain suffix" (e.g. "dc=test,dc=com")
  • for search the whole group, enter "ou=organizational unit name,dc=domain name,dc=domain suffix" (e.g. "ou=it,dc=test,dc=com")
  • for search single user, enter "cn=username,ou=organizational unit name,dc=domain name,dc=domain suffix" (e.g. "cn=tester,ou=it,dc=test,dc=com")

9. "LDAP Information Caching", for setup caching information of AD (default is 15 minutes).

10. While setting is finished, click "Test connection" button to see whether connect to AD successfully or not.

11. If AD user/user group is imported to Curtain Admin successfully, they will be shown under "User And Group" in Curtain Admin as below.

12. Done.

P.S. For local/workgroup users, they will be listed under "User And Group" once they open Curtain Client.

Steps to assign users/user groups to different Control Policy Groups:
1. In Curtain Admin, select User/Group in left panel. Then, Users/Groups will be listed out in the right panel.

2. Select users/groups (press Ctrl button for multiple selection).

3. Right click and select "Change Policy" to assign users/groups to appropriate Control Policy Group.

4. Repeat Step 2-3 for assigning other users/groups to appropriate policy groups.

5. Done.