Target Objects

Target objects define the scope of a rule and the endpoints to which a rule applies. An object can be one of the following:
Target Object
A user defined in Active Directory.
Traps evaluates the logged on user the moment the user logs on. As a result, Traps will apply the policy of the logged on user regardless of the account used to open or run files.
A user group defined in Active Directory.
The Endpoint Security Manager does not support the following groups in Active Directory:
  • Domain Users
  • Domain Computers
  • Domain Guests
  • Domain Controllers
  • Domain Admins
Renaming any of these groups in Active Directory causes the ESM Console to present the group as an option to which you can apply policy, however, the renamed group is not supported.
The name of a computer or mobile device defined in Active Directory.
Organizational Unit
A subdivision within Active Directory into which you can place users, groups, computers, and other organizational units.
Existing Endpoints
A computer or mobile device on which the Traps agent is installed. The Endpoint Security Manager identifies existing endpoints by communication messages it receives from Traps agents.
For objects defined in Active Directory, the ESM Console provides autocompletion as you type.
Computer names may be offered as autocompletions even if they are not presently running Traps.
You can apply rules to all objects, to selected objects, or to all objects except those in the Exclude list.
Rules that you define for users and groups will apply to those users and groups, regardless of the endpoint on which they log in.

Related Documentation