Skip to main content

Active Directory Import Policy

  • Updated

Overview

The Active Directory Import Policy in CyberQP allows IT admins to define which security groups to use when automatically importing accounts from on-premises Active Directory environments. This policy ensures that only accounts from specific groups—either built-in or custom—are brought into CyberQP and managed according to your preferred workflows.

You can apply the policy to both end-user and administrator accounts and assign it to existing customers or set it as default for new ones.  You will need to create a separate policy for each account Type (Administrators and End Users - however only 1 End User import policy SOURCE can be configured per Customer).

 

Prerequisites

  • You must have the Super, Primary, or Manager role in CyberQP

 

Step-by-Step Guide

1. Go to Global Settings > Automatic Imports

2. Click + New Import Policy, then select Automatic Import Options

3. Select Account Type
Choose whether you’re creating the policy for End-user Accounts or Administrator Accounts
Each policy is specific to one account type only

4. Enter Policy Name and Description
Give your policy a meaningful name and a short description for future reference

5. Set as Default (Optional)
Enable this option if you want all newly added customers to use this policy by default
Note: Only one default policy is allowed per account type

6. Assign Existing Customers
Select customers from the list who should immediately begin using this policy’s settings

7. Add Security Groups
 

  • Built-In Groups
    Choose from a list of predefined Active Directory security groups such as Domain Users (for end user import) and Domain Admin, etc (for administator import)

    NOTE: For end user account import, if the Domain Users Built-In group is selected, this will BY DEFAULT exclude accounts that are also a member of privileged built-in groups.

    For a complete list of built-in groups that are excluded, see the following articles:

    Enable Privileged Account Auditing Alerts
    Understanding Least Privilege in Active Directory and Entra ID

  • Custom Groups

    Enter the names of your own custom security groups in Active Directory.
    This gives you control over exactly which sets of users (e.g., Accounting Team, Tier1-Support) are imported.
    CyberQP will monitor these groups and import accounts accordingly.

 

Related articles

Comments

0 comments

Please sign in to leave a comment.