AAD (Azure Active Directory) Group Rules

Create rules for Azure AD user groups and assign security control rules using AAD Groups. To add or edit AAD itself, use the Azure Active Directory console. The following instructions are for Application Control.

All standard Console functionality expected of a Group Rule is supported:

  • Basic rule display and interaction

  • Add & Edit will be performed by selecting from a Group picker. Manual entry will not be supported.

  • Configuration Profiler

  • Snippet Import

  • Search

  • Undo/Redo

  • Signature rescan

  • Library Group in-use checking

  • Cut/Copy/Paste between rule items within this new rule type.

Other Notes

  • Rules based on Azure AD Groups will apply at the endpoint.

  • Azure AD Joined and Hybrid Azure AD Joined machines will be supported.

  • Changes to User Group Assignment in Azure AD will apply ONLY at user logon.

  • Last known Groups should apply when a network connection is unavailable at logon.