You can create rules that map each endpoint to a certain policy based on its Active Directory (AD) data.

AD-based policy assignment happens when an agent first contacts the Carbon Black App Control server, and is checked again each time the server and agent re-establish contact or the logged-in user on the agent endpoint changes (see Endpoint Registration and AD Mapping for more information on when mapping can change).