GroupID 8 - Self-Service
We want to allow a role in GroupID to be able to create only the group and contact object types through the Self-Service portal. Can this be done?
Using the GroupID Self-Service portal, users can create the following object types:
- Smart Group (Security and Distribution)
- Static Group (Security and Distribution)
- User, Mailbox, and Contact
To grant or deny the permission for creating specific objects, follow the steps below.
- In GroupID Management Console, click the Identity Stores node.
- On the Identity Stores tab, double-click the required identity store to open its properties.
- Click the Security Roles tab.
- Select a role to allow or deny permissions to, and click Edit.
- On the Role Properties page, click the Permissions tab.
The 'Create' permissions for the Self-Service portal are highlighted below:
- Select the Allow option button for a permission to assign it to the role.
Select the Deny option button for a permission to deny it to the role.
- Make the desired configurations and click OK to save the changes.
|Note:||Make sure that the Service Account has delegated permissions to perform the operation in the directory.|
Suppose you allow the role to create groups and contacts using the portal. This is how the result will look like:
We can also enforce granular configurations, like, allow users to create only security groups or distribution lists using the portal. Or we can limit users to create contacts in a specific OU. We can also define a workflow that is triggered on create or modify events. This article does not cover these topics.
GroupID Online Help topic: Managing roles