Documentation
Start typing to search…

Group policies | PRA Pathfinder

What are Group policies?

Group policies define permissions and settings for groups of users, enabling administrators to standardize and streamline access control.

How are Group policies useful?

Group policies help ensure consistency in user permissions, simplify administrative tasks, and support secure and efficient management of user groups.

How do I access the Group Policies page?

  1. Sign into app.beyondtrust.io.
    The BeyondTrust Home page displays.
  2. From the main menu, click Privileged Remote Access > Users & Security.
    The User & Security page opens and the Users tab displays by default.
  3. Click the Group Policies tab.
    The Group Policies tab displays.

The Group Policies page

An image of BeyondTrust Privileged Remote Access interface showing the 'Users & Security' page with the 'Group Policies' tab selected. The page includes '+ Add' and 'Change Order' buttons, and a search bar labeled 'Search Group Policies.' A table lists six group policies: User, Auditor, Administrator, Require MFA, BeyondTrust Pathfinder User, and TestPolicy. Each policy entry includes icons for editing, copying, and deleting.

  1. Add:- Adds a new group policy and change order of policy priority.

  2. Filter: Search for group policies using the Name field.

  3. Group Policies columns: The list of Group Policies columns.

    Group Policies columns
    • Name: Unique name of the group policy.

  4. Group Policies list options: Copy, edit or delete a group policy.

Add a new policy

  1. Sign into app.beyondtrust.io.
    The BeyondTrust Home page displays.
  2. From the main menu, click Privileged Remote Access > Users & Security.
    The User & Security page opens and the Users tab displays by default.
  3. Click the Group Policies tab.
    The Group Policies tab displays.
  4. Click Add.
    The Add New Policy page displays.
  5. For Policy Name, enter a unique name for the policy.
  6. For the Available Members, select a member to assign and click Add to move it to the Policy Members list.
    You can use the Search box to find existing members. You can select users from your local system or select users or entire groups from configured security providers. If an attempt to add a user from a configured security provider is invalid, the synchronization log error message appears here as well as in the log.
  7. Select the various group policy settings, see Group Policy settings.
  8. Click Save.

Copy a policy

To expedite the creation of similar policies, you can copy a policy with identical settings. You can then edit this new policy to meet your specific requirements.

  1. Sign into app.beyondtrust.io.
    The BeyondTrust Home page displays.
  2. From the main menu, click Privileged Remote Access > Users & Security.
    The User & Security page opens and the Users tab displays by default.
  3. Click the Group Policies tab.
    The Group Policies tab displays.

Edit a policy

  1. Sign into app.beyondtrust.io.
    The BeyondTrust Home page displays.
  2. From the main menu, click Privileged Remote Access > Users & Security.
    The User & Security page opens and the Users tab displays by default.
  3. Click the Group Policies tab.
    The Group Policies tab displays.
ℹ️

If you edit the group policy that is the default for the local provider, or has local administrator users, and remove administrator permissions, a warning message appears. Ensure other users have administrator permissions before proceeding.

Delete a policy

  1. Sign into app.beyondtrust.io.
    The BeyondTrust Home page displays.
  2. From the main menu, click Privileged Remote Access > Users & Security.
    The User & Security page opens and the Users tab displays by default.
  3. Click the Group Policies tab.
    The Group Policies tab displays.

Along with adding a new group policy, you can also change the order and search for existing group policies.

Change order

Click the Change Order button to drag and drop group policies to set their priority. Click Save Order for prioritization changes to take effect. When multiple policies apply to a given user, the permissions take effect by starting at the top of the Group Policies list, and then moving down the list. If a permission conflicts with a permission applied by a group policy higher in the list, then the lower permission will overwrite the higher, unless the higher was set as Final. By changing the order, you are changing the priority of the group policy. In short, group policies that appear lower in the list have a higher functional priority than those that are higher.

Search group policies

To quickly find an existing policy in the list of Group Policies, enter the name, or part of the name. The list filters to all policies with a name containing the entered search term. The list remains filtered until the search term is removed, even if the user goes to other pages or logs out. To remove the search term, click the X to the right of the search box.

Expand all / collapse all

To assist with searching and navigating the group policies, click the Expand All link above the grid to expand the details of all listed group policies. Click Collapse All to return to the unexpanded list of group polices.

Group Policy settings


You can also apply a Jump policy to manage user access to the Jump Items in this Jump Group by selecting Set on Jump Items instead uses the Jump Policy applied to the Jump Item itself.

Jump Policies are configured on the Jump > Jump Policies page and determine the times during which a user can access this Jump Item. A Jump Policy can also send a notification when it is accessed or can require approval to be accessed. If neither the user nor the Jump Item has a Jump Policy applied, this Jump Item can be accessed without restriction.

Updated 2 months ago

©2003-2026 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.