Hi,

I think I know the answer to this and the answer is it's not possible but I really need to be able to configure access control based on a group.  At present, it seems I can only configure it by resource and am limited to a maximum of 100 at a time, I've nearly a thousand so am repeating myself 10 times.

This means every time a new resource is added to the AD group that defines it should be part of PMP I then have to go and configure access control on it which seems crazy.  It should be configured in a similar manner to periodic password resets which are group-based.

Am I correct here or is there something I'm missing?  What if we had 100k workstations and can only configure on 100 at a time?  We'd be there forever! 

And I'm not always aware of when new machines are added and there doesn't seem to be a way of checking which have it enabled and which don't. 

It's really stopping me from rolling this out to the end-users.

Thanks