Setting Group Visibility for Clients

If you use Privileged Access Service to support authentication services, you can select the Privileged Access Service roles you want to make available as valid groups on registered computers.

You can only view or delete roles from the Group Visibility page; you cannot add new roles to this page. Instead, you can make any role in Privileged Access Service available as a local group by editing the role directly.

To Make a Role Visible as a Valid Group for Clients

1. In the Admin Portal, click Settings >Enrollment to display the settings available for Privileged Access Service.

2. Click Group Visibility under the Delinea Agent section.

3. Click Add.

4. Type a search string or scroll to locate a role you want to make visible as a group on registered computers, then click Select.

   Role names that are available as valid groups on registered Linux computers and include one or more commas (such as role,name) aredisplayed on Linux computers as a concatenation of the role name, wherecommas are replaced with underscores and a random suffix is appended to theend of the name (for example, role_name_FNVO). Subsequent queries on the name (role,name or role_name_FNVO) return the same result (role_name_FNVO).