![]() |
![]() |
Rule Check: User Group Membership
The User Group Membership check determines whether the specified account is a member of exactly the listed groups, and no others. If the account is not a member of one of the listed groups, or if it is a member of a group not listed here, the check fails.
You can use this check to make sure that a given user is not a member of any group that may have higher access permissions than the user should be allowed.
Parameters | Description |
---|---|
User |
The single account name to check. Only a single account name can be used. It cannot be a comma-delimited list of account names, or the UID, or the keyword ALL. Some valid examples are:
Some examples that will not work:
|
...should be in groups |
The list of group names the account name should be a member of. This is a single group name or a comma-delimited list of group names. The group name must be used, not the group GID. Extra spaces are ignored Some valid examples are:
Some examples that will not work:
|
Remedial Suggestion (optional) |
Optional suggestion |
Comments
0 comments
Please sign in to leave a comment.