Target Objects

Target objects define the scope of a rule and the endpoints to which a rule applies. An object can be one of the following:
Target Object
Description
AD Users
A user defined in Active Directory.
Traps evaluates the logged on user the moment the user logs on. As a result, Traps will apply the policy of the logged on user regardless of the account used to open or run files.
AD Computers
The name of a computer or mobile device defined in Active Directory.
Computer names may be offered as autocompletions even if they are not presently running Traps.
AD Groups
A user group defined in Active Directory.
The Endpoint Security Manager does not support the following groups in Active Directory:
  • Domain Users
  • Domain Computers
  • Domain Guests
  • Domain Controllers
  • Domain Admins
If you rename any of these groups in Active Directory, the ESM Console can present the group as an option to which you can apply policy, however, the renamed group is not supported.
AD Organizational Unit
A subdivision within Active Directory into which you can place users, groups, computers, and other organizational units.
Existing Endpoints
A computer or mobile device on which the Traps agent is installed. The Endpoint Security Manager identifies existing endpoints by communication messages it receives from Traps agents.
Existing Groups
A static or dynamic group whose membership is defined by specific endpoint characteristics such as hostname or IP address. To create an endpoint group, see Manage Endpoint Groups.
For objects defined in Active Directory, the ESM Console provides autocompletion as you type. Rules that you define for AD users and AD groups will apply to those users and groups, regardless of the endpoint on which they log in.
You can apply rules to all objects, to selected objects, or to all objects except those in the Exclude list.

Related Documentation