Skip to content

How to Grant Automatic Approvals for Requests Raised by Specific Users?

In organizations with established hierarchies, executives and managers must be able to run certain applications with admin rights without having to go through a request approval process. To facilitate such a workflow, Securden Endpoint Privilege Manager provides a provision to grant automatic approval for requests raised by specific users on specific machines through automatic approval policy.

How to Create an Automatic Approval Policy?

Navigate to Admin >> Privilege Management >> Automatic Approval Policies and follow the steps below to create an automatic approval policy.

  • Click on Add Policy.

How To Add Automatic Approval Policy In EPM

  • Select Policy Type based on the platform/operating system of device you want to associate with the automatic approval policy. You can create automatic approval policies for Windows and Mac devices.

Create Automatic Approval Policy For Mac And Windows Devcies

  • Provide a suitable Name and Description (Optional) for the automatic approval policy.

Name And Description For Automatic Approval Policy

  • You can grant automatic approval for requests raised on specific devices. You can also grant approval on all devices. If you choose to restrict devices, you need to search and select the computers and computer groups.

Associate Automatic Approval Policy With Specific Devices

  • Next, you need to associate the automatic approval policy with users. You have three options here,

    • For all users on all the associated devices in the previous step.

    • If you want to grant approval only for specific users, you must select the Include specific users/user groups option and search and add all the required users and groups.

    Auto Approve Requests Raised By Specific Users And Groups

    • If you want to grant automatic approval for requests raised by everyone except a few users, you can select Exclude specific users/user groups option and specify the excluded users.

Note

When selecting individual users and groups, you have the option to associate the policy with local user accounts discovered on the associated endpoints.

Important

If you are trying to implement privileged access workstations (PAW) type setup, you must choose All Computers/Devices and select All Users when creating an automatic approval policy. This would grant approvals raised by any user on specific endpoints.

How to Enforce Restrictions on Automatic Approvals Using Securden EPM?

Apart from restricting users and devices when granting automatic approvals, you can optionally enforce certain additional conditions for granting automatic approvals. These include:

Enforce Restrictions For Granting Automatci Approval For Requests

  • Time Restrictions: You can configure the policy to grant approvals only between specific times during the day and limit the maximum duration of elevated access.

  • IP Address Restrictions: You can configure the policy to grant approvals to requests that are raised from computers within a specific IP range.

  • Application Restrictions: You can configure the policy to grant approvals for requests raised for specific applications or application groups.

  • You can grant approvals based on a combination of the above conditions. You need to choose whether you want to grant approval if the requests satisfy one of the criteria or only grant approval if all conditions are met through the AND or OR operator.

  • Once the preferences are selected, you can click Save to create the automatic approval policy.

Securden Help Assistant
What's next?
Request a Demo Get a Price Quote
Thank you message

Thanks for sharing your details.
We will be in touch with you shortly.

Thanks for sharing your details.
We will be in touch with you shortly.