This document provides information about the Privilege Profile screen on EPM Windows, where administrators can create, edit, and manage privilege profiles that group multiple Windows policies and assign them to users, devices or organizational units.
Path to access
- On Segura® Platform, in the navigation bar, hover over the Products menu and select EPM.
- In the side menu, select Policies > Windows and click Privilege Profile.
Actions menu
| Item |
Type |
Description |
| Add |
Button |
Opens the Add/Edit Privilege Profile screen. |
| Actions |
Dropdown menu |
Displays the options: Print report, Export CSV and Schedule report. |
Search fields
| Item |
Type |
Description |
| Name |
Text field |
Filters the privilege profiles by the name. |
| Targets |
Dropdown menu |
Filters the privilege profiles by the defined targets. The options are: Not specified, None and Specified. Clear the field to enable the All option. |
| Status |
Dropdown menu |
Filters the privilege profiles based on the status. The options are: Enabled and Disabled. Clear the field to enable the All option. |
| Change date |
Date picker |
Filters the privilege profiles based on the change date. |
| Clear |
Button |
Clears all filters applied. |
Report fields
- Code: identification code of the privilege profile.
- Name.
- Items: number of policies configured in the privilege profile.
- Targets.
- Include: date and time when the privilege profile was created.
- Inclusion User: user who created the privilege profile.
- Change date: date and time when the privilege profile was last edited.
- User of Change: user who last edited the privilege profile.
- Status.
- Actions:
Add/Edit Privilege Profile screen
This section provides information about the Add/Edit Privilege Profile screen, where administrators can add or edit a privilege profile.
General tab
| Item |
Type |
Required |
Description |
| Name * |
Text field |
Yes |
Name for the privilege profile. |
| Status * |
Radio button |
Yes |
Status of the privilege profile. The options are: Enabled and Disabled. |
| Description |
Text field |
No |
Description of the privilege profile. |
| Specify targets to apply * |
Radio button |
Yes |
Indicates if targets will be specified to receive profile privileges. If the selected option is Yes, the Targets tab is displayed. |
Access policies tab
| Item |
Type |
Required |
Description |
| Access policies |
Table |
No |
Lists the configured access policies. The fields are: Code, Name, Policy and Segregation. |
Automations tab
| Item |
Type |
Required |
Description |
| Automations |
Table |
No |
Lists the configured automations. The fields are: Code, Name and Policy. |
Directory and File Control tab
| Item |
Type |
Required |
Description |
| Directory and File Control |
Table |
No |
Lists the configured directory and file control policies. The fields are: Code, Name and Path. |
Directory and File Scan tab
| Item |
Type |
Required |
Description |
| Directory and File Control |
Table |
No |
Lists the configured directory and file scan policies. The fields are: Code and Name. |
System Registry Control tab
| Item |
Type |
Required |
Description |
| System Registry Control |
Table |
No |
Lists the configured system registry control policies. The fields are: Code, Name, Type and Path. |
Commands tab
| Item |
Type |
Required |
Description |
| Commands |
Table |
No |
Lists the configured command policies. The fields are: Code, Name and User command. |
Segregated Parameters tab
| Item |
Type |
Required |
Description |
| Segregated Parameters |
Table |
No |
Lists the configured segregated parameters policies. The fields are: Code, Name and Type. |
Review tab
Use the Review tab to check all the information entered in the previous tabs.
Privilege profile details screen
This section provides information about the Privilege profile details screen, which displays the profile settings in a read-only format.
General tab
| Item |
Description |
| Name |
Name of the privilege profile. |
| Description |
Description of the privilege profile. |
| Status |
Status of the privilege profile. |
| Targets |
Indicates if targets are specified to receive the privilege profile. |
Access policies tab
| Item |
Description |
| Name |
Name of the access policies configured. |
| Action |
Action executed by the access policies configured. |
| Enabled |
Indicates if the access policies are enabled. |
Automations tab
| Item |
Description |
| Name |
Name of the automations configured. |
| Action |
Action of the automations configured. |
| Enabled |
Indicates if automations are enabled. |
Directory and File Control tab
| Item |
Description |
| Name |
Name of the directory and file control policies configured. |
| Path |
Path of the directory and file control policies configured. |
| Enabled |
Indicates if directory and file control policies are enabled. |
Directory and File Scan tab
| Item |
Description |
| Name |
Name of the directory and file scan policies configured. |
| Enabled |
Indicates if directory and file scan policies are enabled. |
System Registry Control tab
| Item |
Description |
| Name |
Name of the system registry control policies configured. |
| Type |
Type of the system registry control policies configured. |
| Path |
Path of the system registry control policies configured. |
| Enabled |
Indicates if system registry control policies are enabled. |
Commands tab
| Item |
Description |
| Name |
Name of the system registry control policies configured. |
| User command |
Command policies configured. |
| Enabled |
Indicates if system registry control policies are enabled. |
Segregated Parameters tab
| Item |
Description |
| Name |
Name of the segregated parameters policies configured. |
| Type |
Type of the segregated parameters policies configured. |
| Enabled |
Indicates if segregated parameters policies are enabled. |
Devices tab
This tab will only be displayed if the Specify targets to apply * field is set to Yes.
| Item |
Description |
| Domain |
Domain of the device configured to receive the privileges. |
| Hostname |
Hostname of the device configured. |
| IP |
IP address of the device configured. |
| Operating system |
Operating system running on the device configured. |
| Enabled |
Indicates whether the device is enabled. |
Users tab
This tab will only be displayed if the Specify targets to apply * field is set to Yes.
| Item |
Description |
| Username |
Username of the user configured to receive the privileges. |
| Domain |
Domain associated with the user configured. |
| Enabled |
Indicates whether the user is enabled. |
Organization Units tab
This tab will only be displayed if the Specify targets to apply * field is set to Yes.
| Item |
Description |
| OU |
Organization units configured to receive the privileges. |