By using this feature in your Heimdal dashboard, you can distribute your own policy for all/some of the users in your environment. Also, in case you have AD Global Security Groups, you can distribute your policy through AD groups as well.
If you want to distribute a policy to an AD computer Group, you just need to create a new policy, name your Computer Group (“Servers”, in the example provided) and place the group's name in the AD Computer Group field.
After you create this policy, you only need to enable it so it can come into full effect.
• Right now, the only AD group types that are supported are GLOBAL SECURITY GROUPS (COMPUTER ORUSER)
• Nested groups as well as AD OU names are not supported for use within the Thor dashboard.
• The group names are case sensitive inside the Thor dashboard so for a successful bind, the names have to be an exact match.
• It is possible to have both fields AD Computer Group and AD User Group filled in for the SAME policy. However, this will make the policy extremely restrictive. It will only apply when both the computer and user membership requirements are met.