Table of Contents
Chrome Login Control Events in GAT Shield #
GAT Shield is an extension deployed on users’ Chrome browsers. It allows the Google Workspace Admins to control the login activity of the end-users and manage the users’ browsing activity while logged in the Chrome browser.
How to configure the Login Control module. #
To set up Login Control, navigate to GAT Shield > Configuration > Login Control
Set up the fields as per your requirements and then click Save.
This module allows the Admins to block Google-related pages (except YouTube). As a result, the end user is redirected to a dedicated block page. Note: This does not prevent users from logging in and performing browsing activity on their device.
Note that it may take a while for settings to propagate to extensions.
- Location – Select an area outside of which Shield devices can not log in to your domain. The user must get into the configured area in order to deactivate blocking.
- Logout mode – Select this option to log the user out of the browser completely (Google domain sessions, personal sessions, Chrome, etc.).
- Idle timeout -Set the idle timeout (in seconds). After this time, Shield will log the user’s device out of your domain. The entered value must be between 15 and 900 seconds, or empty to disable logout.
- Public IPs – Allow only selected public IPs to log in to your domain.
- An empty list means GAT Shield will allow all users to log in to your domain from all networks.
- Entered values should be IPv4 addresses only. Use direct (eg. 72.14.0.154) or network addresses (eg. 64.233.187.99/8). All network addresses should end with a CIDR.
- Scope – Select the users for whom this configuration will be applied.
- Time restriction – Select when the configuration should be active. By default, when no time restriction is added, the configuration will always be active. To change it, select days and time ranges when the configuration will be active.
- Update – once the fields you want are filled in, click on Update to apply the rule
Login Control Events #
The result of all the activities of users reported via Login Control can now be seen by Admins in the Login Control Events tab.
To access the reports, navigate to GAT Shield > Audit > Login Control Events
The following details of the user activity can be seen:
- User – view the user for whom the Login Control event was triggered
- Created – when the Login Control event was triggered
- Reason – the reason for the Login Control event
- Logout mode – view if the user was logged out from all of their accounts
- Logout session URLs – view the pages from which the user was logged out
- Org. Unit – the org. unit of the users
- Usage groups – view groups where the user is a member of
- Actions – view the details for the selected user
- User info
- Device info
Result for end user #
The end-user will view this GAT+ default screen.
