User groups
Introduction to user groups
User groups are used to assign roles to users with similar rights. A user group is often a department or a function within an organization. For example, there can be a user group for purchasing or sales. A group can also refer to a more specific group within a department, such as the purchasing managers, or to a more generic group of users, like the managers from all departments or even all employees.
It is not uncommon to have different types of groups, with users being a member of multiple groups.
Create user groups
The User groups screen shows an overview of the available user groups.
menu Authorization > User groups > tab List
New user groups can be created by clicking the Add button in the ribbon or below the form.
If necessary, add a Tenant.
Different types of user groups are available in field Group type:
Custom - The users of the user groups are administered via the Intelligent Application Manager
Windows domain - The users and groups are administered via the Windows domain (Active Directory).
After creating a Windows domain user group, execute the task Update Active Directory group to synchronize the users from Active Directory to the Intelligent Application Manager. Any users already linked to the group will be removed first.
To be able to use this functionality Ad Hoc Distributed Queries must be enabled on the IAM database.
Create a user group
Grant a user group access to applications
To grant a user group access to applications, roles need to be assigned to the user group:
menu Authorization > User groups > tab List
In tab List, select a user group.
Open the tab Authorization. This is an overview of all the applications and roles that are connected with the selected user group.
Select an application (project) from the list (left).
A checkbox next to the application indicates if any roles are assigned to the selected user group in this application.
In tab Roles > List, press the Assign role
task for the roles to which this user group needs access.
Detailed information about granted role rights is available in the tab Role rights.
Linking roles to user groups
Add users to a user group
The Users tab page shows a list of all users that are members of the selected user group. To create users, see users.
When adding a user to a group, it is possible to define the start and end date of the group membership. The user will only be granted the user group rights while the current date is within the membership period.
User group user
Group owners
Additional group owners, who can add existing users to a user group, can be added to a user group in the Group owners tab page.