Grant specific users or groups access to an AUP category

Before you begin

  1. Make sure a directory and identity provider is configured. For more information, see Add a directory and Add an identity provider.
  2. Require authentication to access AUP content that’s allowed (not blocked). See Require authentication to access a website.

Complete this procedure to define access in an acceptable use policy (AUP) to specific users or groups. When you set the AUP category to block, you can define the list of users or groups that are exempt from the block action.

How to

  1. In the navigation menu, select Configuration > Policies.
    Note: If you are trying the new Enterprise Center interface, in the navigation menu, select Policies > Policies.
  2. Go to the policy where you want to grant specific users or groups access to a blocked AUP category.
  3. Click the edit icon.
  4. Click the Access Control tab.
  5. Go to the Acceptable Use Policy tab.
    Note: If you are participating in the application visibility and control (AVC) beta, you define AUP as part of an AVC configuration. Categories are available in the AUP and Shadow IT tab. For instructions, see Configure application visibility and control.
  6. Go to the blocked category that you want only specific users to access.
  7. To associate groups:
    1. Click the link icon associated with the Groups area.
    2. Enter the group name. As you enter a group name, a list of groups appears in a drop-down list. This includes imported groups, organizational units (OUs), and any overlay groups that were added to ETP.
      If the group name you provide does not appear in the drop-down list, you can add the group. If you add a group, you must also add the group to the relevant directory for the group to authenticate and gain access.
    3. Select the group or group from the list.
    4. Click Associate.
  8. To associate users:
    1. Click the users icon.
    2. In the search field, enter the user’s unique user ID, and click Search User.
    3. If the user does not exist in the directory associated with the policy identity provider, you can enter a unique ID for a user you want to add and click Add User. This adds the unique ID to the list. You must also add the user to the relevant directory for the user to authenticate and gain access. The user ID that’s provided here is the ID that the user enters to authenticate.
      If you need to find a user ID to enter into this field, you can filter activity in the Proxy Activity report (Monitoring > Activity > Proxy Activity) by User ID.
    4. Select the user that you want to be an exception to the block.
    5. Click Associate
  9. Click Save.

Next steps

Deploy configuration changes