We are trying to exclude service accounts from role modifications in RSA 6.9, but didnt find any policy to do so. is there anything we missed? or do we have any work-around for same.
Can you give me details about the use case here? Are you talking about who are members of the role?
Nice to see reply from you.
We would like to exclude any user who is not employee or contractor from role modification. So, technically, any account is not configured as employee based on "employee type" field, shouldnt show-up under add role membership.
On the Members tab you can define a membership rule. This is used for adding members to the role and also creates a rule that can be run to ensure the role membership is kept in line with the filter. In your use case, I believe the filter you would construct would look at the "employee type" field on members.
Thanks Sean, let me try it.
Retrieving data ...