NetWitness Community

Hitachi_L3 · ‎2021-09-08

Hi Guys,

We have RSA Netwitness and we have added Active Directory server so users can login from to the SA using AD credentials. My query is that how it's possible to add individual AD accounts instead of only entire groups? Also, if I add a AD group, I am able to add only one Role ( like admin OR Analyst ) to that group. This mean the only way now is to create different groups for different levels of access or is there any other way ?

JoshRandall · ‎2021-09-08

@Hitachi_L3

It's only possible to add external AD security groups, not individual user accounts.

But you can certainly assign multiple roles to the external group - simply need to keep adding them to the group within the Admin/Security --> External Group Mapping tab:

Mr. Mongo

View solution in original post

JoshRandall · ‎2021-09-08

@Hitachi_L3

It's only possible to add external AD security groups, not individual user accounts.

But you can certainly assign multiple roles to the external group - simply need to keep adding them to the group within the Admin/Security --> External Group Mapping tab:

Mr. Mongo

Hitachi_L3 · ‎2021-09-09

Thanks for your reply. That was helpful and I'll try that. Once I assign multiple roles to the group then I can then assign individual roles to the user from one of those roles right ?

Hitachi_L3 · ‎2021-09-09

@JoshRandall Once the AD user belonging to the AD group logs in, how do I assign him one of the roles which I have assigned the AD group? When I edit user I cannot see any such option to assign roles to them.

JoshRandall · ‎2021-09-09

@Hitachi_L3

You assign permissions to Roles and External Group Mappings, not to individual users. Users with those roles will receive the assigned permissions.

Mr. Mongo

NetWitness Community

Active directory Authentication with RSA Netwitness