Questo contenuto non è disponibile nella lingua selezionata.
Chapter 47. Managing host groups using the IdM Web UI
Learn more about how to manage host groups and their members in the Web interface (Web UI) by using the following operations:
- Viewing host groups and their members
- Creating host groups
- Deleting host groups
- Adding host group members
- Removing host group members
- Adding host group member managers
- Removing host group member managers
47.1. Host groups in IdM
IdM host groups can be used to centralize control over important management tasks, particularly access control.
Definition of host groups
A host group is an entity that contains a set of IdM hosts with common access control rules and other characteristics. For example, you can define host groups based on company departments, physical locations, or access control requirements.
A host group in IdM can include:
- IdM servers and clients
- Other IdM host groups
Host groups created by default
By default, the IdM server creates the host group ipaservers
for all IdM server hosts.
Direct and indirect group members
Group attributes in IdM apply to both direct and indirect members: when host group B is a member of host group A, all members of host group B are considered indirect members of host group A.
47.2. Viewing host groups in the IdM Web UI
Follow this procedure to view IdM host groups using the Web interface (Web UI).
Prerequisites
- Administrator privileges for managing IdM or User Administrator role.
- You are logged-in to the IdM Web UI. For details, see Accessing the IdM Web UI in a web browser.
Procedure
Click Identity
Groups, and select the Host Groups tab. - The page lists the existing host groups and their descriptions.
- You can search for a specific host group.
Click on a group in the list to display the hosts that belong to this group. You can limit results to direct or indirect members.
Select the Host Groups tab to display the host groups that belong to this group (nested host groups). You can limit results to direct or indirect members.
47.3. Creating host groups in the IdM Web UI
Follow this procedure to create IdM host groups using the Web interface (Web UI).
Prerequisites
- Administrator privileges for managing IdM or User Administrator role.
- You are logged-in to the IdM Web UI. For details, see Accessing the IdM Web UI in a web browser.
Procedure
-
Click Identity
Groups, and select the Host Groups tab. - Click Add. The Add host group dialog appears.
- Provide the information about the group: name (required) and description (optional).
Click Add to confirm.
47.4. Deleting host groups in the IdM Web UI
Follow this procedure to delete IdM host groups using the Web interface (Web UI).
Prerequisites
- Administrator privileges for managing IdM or User Administrator role.
- You are logged-in to the IdM Web UI. For details, see Accessing the IdM Web UI in a web browser.
Procedure
-
Click Identity
Groups and select the Host Groups tab. - Select the IdM host group to remove, and click Delete. A confirmation dialog appears.
Click Delete to confirm
Removing a host group does not delete the group members from IdM.
47.5. Adding host group members in the IdM Web UI
Follow this procedure to add host group members in IdM using the web interface (Web UI).
Prerequisites
- Administrator privileges for managing IdM or User Administrator role.
- You are logged-in to the IdM Web UI. For details, see Accessing the IdM Web UI in a web browser.
Procedure
-
Click Identity
Groups and select the Host Groups tab. - Click the name of the group to which you want to add members.
- Click the tab Hosts or Host groups depending on the type of members you want to add. The corresponding dialog appears.
- Select the hosts or host groups to add, and click the > arrow button to move them to the Prospective column.
Click Add to confirm.
47.6. Removing host group members in the IdM Web UI
Follow this procedure to remove host group members in IdM using the web interface (Web UI).
Prerequisites
- Administrator privileges for managing IdM or User Administrator role.
- You are logged-in to the IdM Web UI. For details, see Accessing the IdM Web UI in a web browser.
Procedure
-
Click Identity
Groups and select the Host Groups tab. - Click the name of the group from which you want to remove members.
- Click the tab Hosts or Host groups depending on the type of members you want to remove.
- Select the check box next to the member you want to remove.
Click Delete. A confirmation dialog appears.
- Click Delete to confirm. The selected members are deleted.
47.7. Adding IdM host group member managers using the Web UI
Follow this procedure to add users or user groups as host group member managers in IdM using the web interface (Web UI). Member managers can add hosts group member managers to IdM host groups but cannot change the attributes of a host group.
Prerequisites
- Administrator privileges for managing IdM or User Administrator role.
- You are logged-in to the IdM Web UI. For details, see Accessing the IdM Web UI in a web browser.
- You must have the name of the host group you are adding as member managers and the name of the host group you want them to manage.
Procedure
Click Identity
Groups and select the Host Groups tab. - Click the name of the group to which you want to add member managers.
- Click the member managers tab User Groups or Users depending on the type of member managers you want to add. The corresponding dialog appears.
Click Add.
- Select the users or user groups to add, and click the > arrow button to move them to the Prospective column.
- Click Add to confirm.
After you add a member manager to a host group, the update may take some time to spread to all clients in your Identity Management environment.
Verification
On the Host Group dialog, verify the user group or user has been added to the member managers list of groups or users.
47.8. Removing IdM host group member managers using the Web UI
Follow this procedure to remove users or user groups as host group member managers in IdM using the web interface (Web UI). Member managers can remove hosts group member managers from IdM host groups but cannot change the attributes of a host group.
Prerequisites
- Administrator privileges for managing IdM or User Administrator role.
- You are logged-in to the IdM Web UI. For details, see Accessing the IdM Web UI in a web browser.
- You must have the name of the existing member manager host group you are removing and the name of the host group they are managing.
Procedure
Click Identity
Groups and select the Host Groups tab. - Click the name of the group from which you want to remove member managers.
- Click the member managers tab User Groups or Users depending on the type of member managers you want to remove. The corresponding dialog appears.
- Select the user or user groups to remove and click Delete.
Click Delete to confirm.
NoteAfter you remove a member manager from a host group, the update may take some time to spread to all clients in your Identity Management environment.
Verification
On the Host Group dialog, verify the user group or user has been removed from the member managers list of groups or users.