Using Universal Policy Administrator, you can manage the scope of policy application to selected users or groups with Security Filtering. Security filtering functions depend on the Universal Policy’s source and setup.
When you import an Universal Policy from a Group Policy Object in Active Directory, by default, the imported Universal Policy applies the security filter for Authenticated Users, which targets all authenticated users in the domain. You can modify this setting as needed to apply the policy to specific users or groups.
When you create an Universal Policy without importing a Group Policy Object in Active Directory, no default security filter is applied. You must manually configure security filtering to specify the intended users or groups. If no security filters are added, the Authenticated Users group is automatically added to the Security Filtering on the Group Policy Object, upon export to Active Directory to ensure appropriate policy application.
After configuring the security filtering, you can export the policy to a GPO in AD, retaining the defined security filters.
You can view detailed insights into security filter changes through the Settings Report and Differences Report.
To Include Security Filtering from the web console:
Log in to the Web Console as an Administrator.
Navigate to the Universal Policies tab.
Select an Universal Policy.
On the policy tab, navigate to the Details menu.
Click Security Filtering.
In the Security Filtering tab, click Include.
In the dialog box, specify the users or groups to which you want to apply the policy. You can search for users or groups by entering their names in the search field.
Click Include.
Click Save, to keep your changes.
Security filtering is now configured for the selected universal policy. This configuration can be modified as needed.
To Exclude Security Filtering from the web console:
Log in to the Web Console as an Administrator.
Navigate to the Universal Policies tab.
Select an Universal Policy.
On the policy tab, navigate to the Details menu.
Click Security Filtering.
In the Security Filtering tab, click Exclude.
In the dialog box, specify the users or groups you want to exclude from the policy. You can search for users or groups by entering their names in the search field.
Click Exclude.
Click Save, to keep your changes.
The security filtering configuration is now updated for this universal policy and can be adjusted as requirements change.