> AquaLogic Interaction Administrator Guide > Managing Portal Users and Groups > About Groups

AquaLogic Interaction Administrator Guide

     Previous Next  Open TOC in new window   View as PDF - New Window  Get Adobe Reader - New Window
Content starts here

About Groups

Groups are sets of users, sets of other groups, or both. Groups enable you to more easily control security because you assign each group different activity rights and access privileges. Groups are created in the portal either by adding them individually as portal objects, or by synchronizing with authentication sources (user repositories such as LDAP or Active Directory).

Membership to a group is determined in two ways:
  • Members are explicitly defined as specific users and/or other groups on the Group Memberships page.
  • Members are dynamically determined based on rules you set up on the Dynamic Membership Rules page.

Dynamic Group Membership

You might want to have users automatically added to or removed from groups based on properties in their user profiles or other group membership. This is called dynamic group membership. For example, you might want to give users access to a community based on their location, title, department, or any other property in their profile. If you have a community for all the branches in Texas, you could set up a rule that states that all employees in Texas are part of the group. If an employee moves to Arizona, and the "State" property in her profile changes, the employee no longer satisfies this rule.

Community Groups

You can create groups inside a community without affecting portal groups. You create community groups so that you can easily assign responsibilities to community members. For example, you might have a group that is responsible for maintaining schedules in the community.

Community groups are available only within the community. However, you can make a community group available outside of the community by moving the group to a non-community administrative folder.

Roles

A role is not a portal object; it is an association between a group and the activity rights required to perform a job function. For example, the Knowledge Directory administrator role is not an object you define; it relates to administrative responsibilities for those who manage content in the Knowledge Directory.

Before you create portal groups for the purpose of assigning roles, you should familiarize yourself with the definition and scope of the administrative tasks you plan to delegate and the activity rights needed to complete those administrative tasks. Some users will handle many tasks, but those tasks might actually encompass several roles. Before creating a role to cover all these tasks, consider if there are situations where the tasks will be broken down into smaller roles. You can easily assign more than one role to a user.

Groups Created Upon Installation

The following groups are created in the Portal Resources folder when you install the portal:
  • Administrators Group: This group provides full access to everything in the portal: all objects, all utilities, and all portal activities.
  • Everyone: This group includes all portal users, whether created manually through the administration menu, imported from authentication sources, created through acceptance of an invitation, or created through the Create an Account page.
  • Example RolesA role is not a portal object; it is an association between a group and the activity rights required to perform a job function.
  • Creating and Adding Members to a GroupGroups are sets of users, sets of other groups, or both. Groups enable you to more easily control security because you assign each group different activity rights and access privileges.
  • Configuring Dynamic Group MembershipYou might want to have users automatically added to or removed from groups based on properties in their user profiles or other group membership. This is called dynamic group membership. For example, you might want to give users access to a community based on their location, title, department, or any other property in their profile. If you have a community for all the branches in Texas, you could set up a rule that states that all employees in Texas are part of the group. If an employee moves to Arizona, and the "State" property in her profile changes, the employee no longer satisfies this rule.
  • Assigning Activity Rights to a GroupActivity rights determine which portal objects a user can create and which portal utilities a user can execute to create or modify portal objects.
Parent topic: Managing Portal Users and Groups
Related tasks
Creating and Adding Members to a Group
Configuring Dynamic Group Membership
Related reference
Example Roles

  Back to Top      Previous Next