Group policies | RS Pathfinder

What are group policies?

Group policies define permissions and settings for groups of users, enabling administrators to standardize and streamline access control.

How are group policies useful?

Group policies help ensure consistency in user permissions, simplify administrative tasks, and support secure and efficient management of user groups.

How do I access the Group Policies page?

Sign into app.beyondtrust.io.
The BeyondTrust Home page displays.
From the left menu, click Remote Support > Users & Security.
The Users page displays.
At the top of the page, click Group Policies.
The Group Policies page displays.

The Group Policies page

<RS_UXPathfinder />

Add: Adds a new group policy and changes order of policy priority.
Filter: Search for group policies using the Name field.
Group Policies columns: The list of Group Policies columns.
Group Policies columns
- Name: Unique name of the group policy.
Group Policies list options: Copy, edit or delete a group policy.

Add a new policy

Sign into app.beyondtrust.io.
The BeyondTrust Home page displays.
From the main menu, click Remote Support > Users & Security.
The User & Security page opens and the Users tab displays by default.
Click the Group Policies tab.
The Group Policies tab displays.
Click Add.
The Add New Policy page displays.
For Policy Name, enter a unique name for the policy.
For the Available Members, select a member to assign and click Add to move them to the Policy Members list.
You can use the Search box to find existing members. You can select users from your local system or select users or entire groups from configured security providers. If an attempt to add a user from a configured security provider is invalid, the synchronization log error message appears here as well as in the log.
Select the various group policy settings. See Group Policy settings.
Click Save.

Copy a policy

To expedite the creation of similar policies, you can copy a policy with identical settings. You can then edit this new policy to meet your specific requirements.

Sign into app.beyondtrust.io.
The BeyondTrust Home page displays.
From the main menu, click Remote Support > Users & Security.
The User & Security page opens and the Users tab displays by default.
Click the Group Policies tab.
The Group Policies tab displays.
Find the group policy you want to duplicate, and click Copy .
The Add new policy page loads with the settings matching the original policy. Make any adjustments needed, then click Save.

Edit a policy

Sign into app.beyondtrust.io.
The BeyondTrust Home page displays.
From the main menu, click Remote Support > Users & Security.
The User & Security page opens and the Users tab displays by default.
Click the Group Policies tab.
The Group Policies tab displays.
Find the group policy you want to edit, and click Edit .
The Edit policy page loads. Make any adjustments needed, then click Save.

ℹ️
If you edit the group policy that is the default for the local provider, or has local administrator users, and remove administrator permissions, a warning message appears. Ensure other users have administrator permissions before proceeding.

Delete a policy

Sign into app.beyondtrust.io.
The BeyondTrust Home page displays.
From the main menu, click Remote Support > Users & Security.
The User & Security page opens and the Users tab displays by default.
Click the Group Policies tab.
The Group Policies tab displays.
Find the group policy you want to remove, and click Delete .
When prompted, click Yes.

Account settings

General permissions

Representative permissions

Jump Technology
- Allowed Jump methods:
  - Jump Clients
  - Local Jump (Windows only)
  - Local VNC
  - Local RDP
  - Remote Jump
  - Remote VNC
  - Remote RDP
  - Shell Jump
  - Intel vPro
- Jump Item Roles A Jump Item Role is a predefined set of permissions regarding Jump Item management and usage. For each option, click the Edit button to open the Jump Item Role in a new tab.
  - The Default role is used only when Use User's Default is set for that user in a Jump Group.
  - The Personal role applies only to Jump Items pinned to the user's personal list of Jump Items.
  - The Teams role applies to Jump Items pinned to the personal list of Jump Items of a team member of a lower role. For example, a team manager can view team leads' and team members' personal Jump Items, and a team lead can view team members' personal Jump Items.
  - The System role applies to all other Jump Items in the system. For most users, this should be set to No Access. If set to any other option, the user is added to Jump Groups to which they would not normally be assigned, and in the representative console, they can see non-team members' personal lists of Jump Items.
  - The Endpoint automation role sets how a user can use endpoint automation.
    - Not allowed prevents them from seeing the Jump > Endpoint Automation tab altogether.
    - A User can create new automation jobs with these restrictions:
      - They are able to choose any existing Script Template but cannot edit the Script Template, Script Command, nor select or change the template accompanying Resources.
      - The Script Template, Script Command, Operating System, and Resources fields are unavailable.
      - They can run scripts only on Jump Items where their Jump Item Role includes the Start Sessions permission (set on the Jump > Jump Items Role page).
      - An Administrator has full access and ability to create Jobs, Scripts Templates, and Resources.
        ℹ️
        For more information, see Jump Item Roles and Endpoint Automation.
Representative console
- Idle timeout Set how long the representative can be idle before being logged out of the representative console. This permission can use the site-wide setting or can override that setting.

Attended and unattended session permissions

Availability settings

Membership

Updated 2 months ago