Applies To:

GroupID 8, 9, 10 - Self-Service

Business Requirement:

We want to allow a role in GroupID to be able to create only the group and contact object types through the Self-Service portal. Can this be done?


Using the GroupID Self-Service portal, users can create the following object types:

  • Smart Group (Security and Distribution)
  • Static Group (Security and Distribution)
  • User, Mailbox, and Contact

To grant or deny the permission for creating specific objects, follow the steps below.


  1. In GroupID Management Console, click the Identity Stores node.
  2. On the Identity Stores tab, double-click the required identity store to open its properties.
  3. Click the Security Roles tab.
  4. Select a role to allow or deny permissions to, and click Edit.

  5. On the Role Properties page, click the Permissions tab.
    The 'Create' permissions for the Self-Service portal are highlighted below:

  6. Select the Allow option button for a permission to assign it to the role.
    Select the Deny option button for a permission to deny it to the role.

  7. Click OK to save the changes.

Let's assume you allow the role to create groups and contacts using the portal. This is how the result will look like:

We can also enforce granular configurations, like, allow users to create only security groups or distribution lists using the portal. Or we can limit users to create contacts in a specific OU. We can also define a workflow that is triggered on create or modify events. This article does not cover these topics.


GroupID Online Help topic: Managing roles

Comments (0)