Role-Based Policy Command Groups

Command Groups determine which commands will be allowed or rejected.

An image of the Role Based Policy Command Groups section in BeyondInsight for Unix & Linux.

Role-based policy management is disabled on hosts configured to use script-based policy. For more information, see Role-Based vs. Script-Based Policies.

Add a Command Group

  1. Go to the Policy Management page.
  2. In the Hostname list, select a server entry, and then at the far right, click the ellipsis menu icon and select Server Details.
  3. Click Policy.
  4. Click What.
  5. Click Add Command Group.
  6. Enter Command Group Name, Command Group Description, and choose whether the Command Group is enabled or disabled.
  7. Enter Commands. When adding a command to the list, you must enter Command, which is the command an Endpoint Privilege Management for Unix and Linux user types. Optionally, you can enter Executed, which is executed in place of the Command.
  8. Click Save.

Delete a Command Group

  1. Go to the Policy Management page.
  2. In the Hostname list, select a server entry, and then at the far right, click the ellipsis menu icon and select Server Details.
  3. Click Policy.
  4. Click What.
  5. Select an existing entry from the Command Groups list.
  6. Click Delete.