Red Hat SummitCe contenu n'est pas disponible dans la langue sélectionnée.
Chapter 25. Managing user groups in IdM Web UI
Manage user groups in Identity Management (IdM) using the Web UI to organize users with common privileges, password policies, and other characteristics. User groups simplify administration by applying policies to multiple users at once.
A user group is a set of users with common privileges, password policies, and other characteristics.
A user group in Identity Management (IdM) can include:
- IdM users
- other IdM user groups
- external users, which are users that exist outside of IdM
For details about the group types in IdM, see The different group types in IdM section. For details about direct and indirect group members, see Direct and indirect group members section.
25.1. Adding a user group using IdM Web UI
Create user groups in the Identity Management (IdM) Web UI to organize users and manage access control policies collectively. Groups simplify administration by allowing you to assign permissions and roles to multiple users at once.
Prerequisites
- You are logged in to the IdM Web UI.
Procedure
-
Click Identity
Groups, and select User Groups in the left sidebar. - Click Add to start adding the group.
Fill out the information about the group. For more information about user group types, see The different group types in IdM.
You can specify a custom GID for the group. If you do this, be careful to avoid ID conflicts. If you do not specify a custom GID, IdM automatically assigns a GID from the available ID range.
- Click Add to confirm.
25.2. Deleting a user group using IdM Web UI
You can delete user groups using the Identity Management (IdM) WebUI. Deleting a group does not delete the group members from IdM.
Prerequisites
- You are logged in to the IdM Web UI.
Procedure
-
Click Identity
Groups and select User Groups. - Select the group to delete.
- Click Delete.
- Click Delete to confirm.
25.3. Adding a member to a user group using IdM Web UI
Add users and user groups as members of a user group in the Identity Management (IdM) Web UI to organize permissions and access control efficiently. Group membership simplifies user management by applying policies to multiple users simultaneously.
Prerequisites
- You are logged in to the IdM Web UI.
Procedure
-
Click Identity
Groups and select User Groups in the left sidebar. - Click the name of the group.
- Select the type of group member you want to add: Users, User Groups, or External.
- Click Add.
- Select the checkbox next to one or more members you want to add.
- Click the right arrow to move the selected members to the group.
- Click Add to confirm.
25.4. Adding users or groups as member managers to an IdM user group using the Web UI
Designate users or user groups as member managers using the Identity Management (IdM) Web UI to delegate user group membership management. Member managers can add or remove group members without having full administrative privileges.
Prerequisites
- You are logged in to the IdM Web UI.
- You must have the name of the user or group you are adding as member managers and the name of the group you want them to manage.
Procedure
-
Click Identity
Groups and select User Groups in the left sidebar. - Click the name of the group.
- Select the type of group member manager you want to add: Users or User Groups.
- Click Add.
- Select the checkbox next to one or more members you want to add.
- Click the right arrow to move the selected members to the group.
Click Add to confirm.
NoteAfter you add a member manager to a user group, the update may take some time to spread to all clients in your Identity Management environment.
Verification
Verify the newly added user or user group has been added to the member manager list of users or user groups:
25.5. Viewing group members using IdM Web UI
View both direct and indirect members of an Identity Management (IdM) user group in the IdM Web UI to understand group membership inheritance across nested groups.
Prerequisites
- You are logged in to the IdM Web UI.
Procedure
-
Select Identity
Groups. - Select User Groups in the left sidebar.
- Click the name of the group you want to view.
- Switch between Direct Membership and Indirect Membership.
Additional resources
25.6. Removing a member from a user group using IdM Web UI
Remove users, nested groups, or external members from an Identity Management (IdM) user group in the IdM Web UI to revoke their inherited group privileges.
Prerequisites
- You are logged in to the IdM Web UI.
Procedure
-
Click Identity
Groups and select User Groups in the left sidebar. - Click the name of the group.
- Select the type of group member you want to remove: Users, User Groups, or External.
- Select the checkbox next to the member you want to remove.
- Click Delete.
- Click Delete to confirm.
25.7. Removing users or groups as member managers from an IdM user group using the Web UI
Remove users or groups as member managers from an Identity Management (IdM) user group by using the IdM Web UI to revoke their ability to manage group membership. Member managers can add and remove group members but cannot change the group’s attributes.
Prerequisites
- You are logged in to the IdM Web UI.
- You must have the name of the existing member manager user or group you are removing and the name of the group they are managing.
Procedure
-
Click Identity
Groups and select User Groups in the left sidebar. - Click the name of the group.
- Select the type of member manager you want to remove: Users or User Groups.
- Select the checkbox next to the member manager you want to remove.
- Click Delete.
Click Delete to confirm.
NoteAfter you remove a member manager from a user group, the update may take some time to spread to all clients in your Identity Management environment.
Verification
Verify the user or user group has been removed from the member manager list of users or user groups:
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}