Login
Contents x
Groups
  • 23 May 2023
  • Dark
    Light
  • PDF
Contents

Groups

  • Updated on 23 May 2023
  • Dark
    Light
  • PDF
Article summary

This section captures how users and groups are created and assigned in IAP. Group management and configuration is also explained.

  • Users are assigned to external groups within the external AAA system. Users cannot be assigned to external groups using IAP.
  • An external group is an account that comes from an external AAA System such as LDAP. An external group cannot be created within IAP.
  • An IAP group is an account created within the IAP system. Users are assigned to IAP groups through Authorization.

Note: If User1 is a member of Group1 and starts a job, and User2 is not a member of Group1, then User2 will not be able to see the job.

Managing Groups

External groups cannot be created within IAP. Instead, IAP will create the external group record once it has been learned from the AAA system.

To manage groups within IAP:

  1. Login to IAP as an administrator (a user with the Pronghorn.admin Role).
  2. Navigate to Admin Essentials > Quick Start > Authorization.
  3. SelectGroups. A list of all defined groups and their provenances is displayed.
  4. Locate the group in the list. You can filter the list by typing in the Search Groups field.
  5. Select the group in the list to view or edit.
  6. Edit the description as desired.
  7. Edit roles and groups as desired.
  8. Click Save to finalize your changes.

Figure 1: Edit Group Roles

05-editGroup-auth-21.2

Configuring Group Membership

An IAP Group may be added or removed using the Authorization. IAP groups and external groups can be given membership to an IAP group. In contrast, neither group can be given membership to an external group.

To change group membership:

  1. Login to IAP as an administrator (a user with the Pronghorn.admin Role).
  2. Navigate to Admin Essentials > Quick Start > Authorization.
  3. Select Groups. A list of defined groups is displayed.
  4. Locate the group in the list. You can filter the list by typing in the Search Groups field.
  5. Select the group in the list to view or edit.
  6. From the Edit Group modal, select Groups .
  7. Add or remove group membership by selecting the checkbox.

Identifying Group Members

A members list identifies the users and groups that are direct members of a Group.

  1. Navigate to the Edit Group modal.
  2. Locate the Members list (tab). There is no indicator for inherited memberships.

Deleting a Group

Caution: This is a hard delete. Deleting a group will remove the role from all Users and Groups assigned to it.

Only IAP Groups can be deleted.

  1. Select Groups from the Authorization menu.
  2. Locate the group you wish to delete. You can filter the list using the filter fields in the column header.
  3. Click the stacked dots menu icon and select Delete.
  4. Confirm the deletion.
Was this article helpful?
What's Next
Privacy Policy
Cookie Policy
Terms of Use
EULA
Copyright © 2022 Itential for Developers
Change password!
Changing your password will log you out immediately. Use the new password to log back in.
Change profile
Success!
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
Logout