I am using Teamviewer 12 (corporate license) and I am trying to do the following:
1. I need the computers to be accessible ONLY from the Teamviewer company account (no access from other users, no "public" 9 digit ID to be used without the company account)
2. I need the company employees to be in separate groups that will give them access to different computers. For example I need users in the "support" group and other users in the "engineering group". Then lets 's say I have computers in group A and group B. I need the support users to have access to group A while the engineering users should have access to both A and B group computers.
3. I need to be able to easily remove users when an employee leaves the company or add users when there is a new employee.
So far the main solution seems to be using the master whitelist to achieve that but I am not totally sure I am doing it right. Here is what I did so far in the Teamviewer Management Console:
1. I created a group for computers A and computers B (and added computers only)
2. I created a group for Support and Engineering employes (and added contacts only). I am not sure about that one, it seems group can contain computers as well as contacts?
3. I created a Master Whitelist policy for A as well as one for B: I used the setting "Black and whitelist". I set "Allow access only for the following partners" and I added the contacts from the Support and/or Engineering group and there lies my problem. It seems to only be for the current contacts instead of the group itself (the group seems to be a way to sort contacts but I am not sure you can add a group itself). If users are removed or added, it won't get automatically updated? I would have to go in the policy and remove/add the users? And I am not sure what the "Enforce" setting do?