Configuring End-User Notifications
If you did not install End-User Notifications with the Apply All Tanium recommended configurations option, you must enable and configure certain features.
When you import End-User Notifications with automatic configuration, the following default settings are configured:
The following default settings are configured for End-User Notifications:
Setting | Default value |
---|---|
Action group |
|
Service account |
The service account is set to the account that you used to import the module. Configuring a unique service account for each Tanium solution is an extra security measure to consider in consultation with the security team of your organization. See Configure service account. |
End-User Notifications configurations |
|
Configure End-User Notifications
Configure service account
The service account is a user that runs background processes for End-User Notifications. This user requires the Content Administrator and End-User Notifications Administrator roles or the Tanium Administrator role.
For more information about End-User Notifications permissions, see User role requirements.
If you imported End-User Notifications with default settings, the service account is set to the account that you used to perform the import. Configuring a unique service account for each Tanium solution is an extra security measure to consider in consultation with the security team of your organization.
- On the End-User Notifications Home page, click Settings
and open the Service Account tab.
- Update the service account settings and click Submit.
(Optional) Configure the End-User Notifications action group
Importing the End-User Notifications module automatically creates an action group to target specific endpoints. If you did not use automatic configuration or you enabled restricted targeting when you imported End-User Notifications, the action group targets No Computers.
If you used automatic configuration and restricted targeting was disabled when you imported End-User Notifications, configuring the End-User Notifications action group is optional.
Select the computer groups to include in the End-User Notifications action group.
- From the Main menu, go to Administration > Actions > Action Groups.
- Click Tanium End-User Notifications.
- Select the computer groups that you want to include in the action group and click Save.
If you select multiple computer groups, choose an operator (AND or OR) to combine the groups.
Customize the End-User Self Service Client
Add a company logo and relevant information to personalize the End-User Self-Service experience.
You must create at least one End-User Notifications configuration. For more information about creating a configuration, see Create a configurationCustomizing the End-User Self Service interface.
Set up End-User Notifications users
You can use the following set of predefined user roles to set up End-User Notifications users.
To review specific permissions for each role, see User role requirements.
For more information about assigning user roles, see Tanium Core Platform User Guide: Manage role assignments for a user.
End-User Notifications Administrator
Assign the End-User Notifications Administrator role to users who manage the configuration and deployment of End-User Notifications functionality to endpoints.
End-User Notifications Endpoint Configuration Approver
Assign the End-User Notifications Endpoint Configuration Approver role to a user who approves or rejects End-User Notifications configuration items in Tanium Endpoint Configuration. This role can approve, reject, or dismiss End-User Notifications configuration changes.
End-User Notifications Endpoint Configuration Operator
Assign the End-User Notifications Operator role to users who manage most configurations and deployment of End-User Notifications functionality to endpoints.
End-User Notifications Endpoint Configuration Read Only User
Assign the End-User Notifications Read Only User role to users who need visibility into End-User Notifications settings but do not need rights to update them.
Initialize endpoints
End-User Notifications installs a set of tools on each endpoint that you have targeted. Initializing endpoints configures the End-User Notifications Tools to be installed on any compatible endpoint in the End-User Notifications action group. You must complete this procedure any time the action group is changed.
- On the End-User Notifications Overview page, click Help
, and then click Support.
- Click Initialize Endpoints and confirm your action.
After deploying the tools for the first time, endpoints can take up to four hours to display status.
Last updated: 1/13/2023 2:48 PM | Feedback