Group membership in Active Directory (AD) can be used to distribute different signatures instead of creating rules.
This is useful when the AD is not updated or does not contain enough information to create group segments via rules.
- Create a field in Xink. Preferences > Fields, click the '+' button.
- Add the LDAP name ‘groupCnList’.
Xink accounts created from Feb 2018, will include 'Groups' field by default.
How to read groups from Active Directory on-premises
If your Xink account was created before Feb 2018, get the latest version of ADExport in your Xink account:
AD Export tool will not pull group membership by default, you need add the user group /ug switch at the end of your command line to include it. Examples:
This example will pull all your AD users and incl. their group memberships:
C:\emsadexport.exe /secret:"INSERT-YOUR-SECRET-TOKEN" /ug
This example will pull users from an AD group and incl. their group memberships:
C:\emsadexport.exe /secret:"INSERT-YOUR-SECRET-TOKEN" /group:"My Test" /remove+ /ug
To verify that the user's group membership are exported:
This is an instruction to export groups to Xink - Learn more in example #7
How to read groups from Active Directory Azure
Please submit a support ticket and we'll activate upon request.
How does group memberships show for employees?
How to create a rule to target user's AD group membership
Go to 'Preferences' and click 'Rules'. Now create a rule where you check against the 'Groups' field:
Don’t use the extra condition. It makes it more difficult to maintain. Keep one rule to one group check.
Move the rules up and down if you want to change execution order. It will stop at the first rule where the condition is met.