Grouping users makes it easy to manage access to protected resources. A user group is a collection of users, other user groups, or both. Users and user groups that belong to a user group are called member users and member user groups.
You can organize groups according to your organizational needs:
Geographic location. Groups can be created according to geography.
A city, state, or country
A region that includes several cities, states, or countries
Company divisions. Groups can be created according to functional areas in a company.
Resources. Groups can be created according to particular resources.
Research and development files
User groups have the following characteristics:
Each user group is stored in an identity source, either an LDAP directory or the internal database.
Each user group is associated with a security domain.
A user group can contain multiple users and user groups.
User groups stored in an external identity source can contain only users and user groups contained in that identity source.
A user group can include users and user groups that are managed in different security domains.
For example, users in security domain A and users in security domain B can both be members of the same user group and thus access the same protected resources.
User group names must be unique within a single identity source.
Authentication Managercan have two user groups with the same name if they are stored in two different identity sources.
Administrators can move user groups between security domains to transfer administrative responsibility for the group to a different administrator.
For instructions,see Move User Groups Between Security Domains.
A user or user group can be a member of more than one user group.
You can add and remove a user from user group using the User Dashboard page.
For instructions,see User Dashboard.
You can create user groups in the following ways:
To create a user group in the internal database, use the Security Console. For instructions, see Add a User Group and Add a User to a User Group.
To create a user group in an external identity source, use the LDAP directory native interface.
Search for User Groups
Delete User Groups
Edit User Groups
Duplicate User Groups