This topic describes how to create, modify, and remove or delete groups in the IDaaS console.

Create a group

You can add a group under an organization to manage (provision) multiple accounts or groups at a same. A group can contain other groups or accounts as its members. All members in a group can be provisioned as a whole.

Procedure

  1. Log on to the IDaaS console as an IT administrator. For more information, see Logon in Administrator Guide.
  2. In the left-side navigation pane, choose Users > Organizations and Groups.
  3. In the OUs window on the left, right-click the organization to which the group to be created belongs and choose Add > Group from the shortcut menu.
  4. In the Create Group dialog box that appears, click the Group Attributes tab and configure the following parameters.
    Parameter Description
    Parent OU The parent node of the group.
    Name The name the group.
    External ID The external ID of the group. The external ID is the unique ID of a group in IDaaS. If you do not specify this parameter, it is automatically generated by IDaaS.
    Description The description of the group.
  5. If you have defined extended attributes in the data dictionary, click the Extended Attributes tab to add attributes.
  6. If the new group and an existing group are mutually exclusive, select the existing group on the Mutually Exclusive Groups tab.
  7. After configuring the parameters, click Submit.

The new organization is displayed on the Group tab of the parent organization on the right. It is enabled by default.

Modify a group

You can modify the attributes of an existing group at any time, such as the name, account members, group members, and mutually exclusive groups.

Procedure

  1. Log on to the IDaaS console as an IT administrator. For more information, see Logon in Administrator Guide.
  2. In the left-side navigation pane, choose Users > Organizations and Groups.
  3. In the OUs window on the left, find the organization to which the group to be modified belongs and click its name.
  4. In the organization information window on the right, click the Group tab.
  5. In the group list, find the target group and click Modify in the Actions column.
  6. In the Group Attributes dialog box that appears, modify the general attributes as specified in steps 4, 5, and 6 in the Create a group section and then click OK.
  7. View and modify the account members and mutually exclusive groups of the current group on the Member (Accounts) and Mutually Exclusive Groups tabs.
    • Add account members
      1. On the Members (Accounts) tab, click Add Members.
      2. On the Add Members dialog box that appears, select the accounts to be added to the group.
        Note You cannot select members of mutually exclusive groups for the current group here.
      3. Click OK.
      Note You can remove members on the Members (Accounts) tab by clicking Remove or Batch Remove.
    • Add mutually exclusive groups
      1. On the Mutually Exclusive Groups tab, click Add Mutually Exclusive Group.
      2. In the Add Mutually Exclusive Group dialog box that appears, select the groups to be added.
      3. Click OK.
      Note You can remove mutually exclusive groups on the Mutually Exclusive Groups tab by clicking Remove or Batch Remove.

Delete a group or remove a group from an organization

You can delete a group that is no longer needed from the root node of its parent organization. You can only delete a group that does not contain any members. Therefore, you must delete members before this operation.

For a group that belongs to a non-root node, you can remove it from the parent organization to detach its affiliation with the organization. After removing a group that belongs to a non-root node from the parent organization, you can further remove it from the root node.

Procedure

  1. Log on to the IDaaS console as an IT administrator. For more information, see Logon in Administrator Guide.
  2. In the left-side navigation pane, choose Users > Organizations and Groups.
  3. You can determine whether to delete a group or remove a group:
    • Delete a group
      1. In the OUs window on the left, click the root node for the target organization.
      2. On the Group tab, search for the group to be deleted and click Delete in the Actions column.
      3. In the System Prompt message that appears, click OK.
        Note You can only delete a group that does not contain any members.
      4. In the Incremental Provisioning dialog box that appears, perform provisioning operations after you delete the group.
    • Remove a group
      1. In the OUs window on the left, find the organization to which the group to be removed belongs and click its name.
      2. On the Group tab, find the group to be removed and click Remove in the Actions column.
      3. In the System Prompt message that appears, click OK.