Configure group membership expiry
You can configure a member to be removed from a group at a pre-configured time by setting an expiry time on the group member. This applies to any type of group member; users, agents and endpoints. For example, the group expiry allows you to authorize a user to use a policy until a pre-defined end time, at which point the user will be removed from the policy group.
The configurable group expiry is useful in scenarios where a time limited access policy is required, such as temporary remote access to a protected asset for vendors or support engineers.
To learn how to configure the group membership expiry, please read the steps below.
In the Orchestrator, click on the Group menu on the left and then select the group you wish to modify.
In the configuration window for the group, select the group member which you want to set an membership expiry for and click on the clock icon that appears when you hover the mouse pointer over the Membership expires parameter.
The expiry date and time setting pop-up will open. The time is the local time of the Administrator's browser. Set the expiry date and time, and then click SCHEDULE.
The Group view will update to show the configured expiry for the member.
The group member will be removed at the configured date and time.