Group membership in Active Directory (AD) can be used to distribute different signatures instead of creating rules.
This is useful when the AD is not updated or does not contain enough information to create group segments via rules.
- Create a field in Xink. Preferences > Fields, click the '+' button.
- Add the LDAP name ‘groupCnList’.
Xink accounts created from Feb 2018, will include 'Groups' field by default.
How to read groups from Active Directory on-premises
If your Xink account was created before Feb 2018, get the latest version of ADExport in your Xink account:
Since we decided not to pull group memberships by default, you need add the user group /ug switch:
C:\emsadexport.exe /secret:"INSERT-YOUR-SECRET-TOKEN" /ug
This is an instruction to export groups to Xink - Learn more in example #7
How to read groups from Active Directory Azure
Please submit a support ticket and we'll activate upon request.
How does group memberships show for employees
How to create a rule based on group membership
Now create a rule where you check against the 'Groups' field:
Don’t use the extra condition. It just makes it more difficult to maintain. Keep one rule to one group check.
Move the rules up and down if you want to change execution order. It will stop at the first rule where the condition is met.