Hey all, There are some applications that are only allowed for exceptional users ( for example - pentesting tools ). So in order to access them they have to be added in the AD group for access. If the user needs the same application access for only 3-4 days for project purpose, having ServiceNow integration available for us cannot make those applications available over this integration as well as over the JIT feature .
So is there any integration that can make this custom access possible.?
We use application groups tied to Designated User messages that only accept the credentials of users from a defined AD group. Once setup, you can add or remove folks from the AD group to control access to those apps.
I see three options for this. First is a separate workstyle targeting the tools for just those users. Second is the Application Rule Filter option added to 24.5 and thirds is the same option Josh Bristow gives above with the designated users Group in the message design.
I could see it as a nice feature adding a JIT app rule for an entire Suite of PEN testing tools to one application group, so we could allow PEN testing tools for an hour or a day or similar.
Got it that is much better approach Jens and Josh , i will create a access keeping this points in mind.
Thanks For the options.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
